Why Today's Cyber Defense Requires Offensive ThinkingCyberTheory's Steve King on Studying the Enemy and Crafting Countermeasures
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
King says security leaders need to be making it much harder for the adversaries to succeed against their defenses. "By increasing the scrutiny within the identity and access management process, by removing excess trust from the network, by isolating our corporate assets and protect surfaces, we'll be able to do that," he says.
King also advises focusing on network visibility and recommends intrusion suppression. "It may be far more effective to simply be able to watch intruders do what they're doing," says King. This intelligence would give defenders a better idea as to what criminals' "intentions are, where they're headed, and give us a higher and more effective capture rate," he adds.
In this video interview with Information Security Media Group, King discusses:
- Highlights from the CyberTheory 2022 Third Quarter Review research;
- How adversaries' tactics are evolving;
- Why both a defensive and offensive mindset are needed for an effective cybersecurity strategy.
King, director of cybersecurity advisory services at Information Security Media Group, has served in senior leadership roles in technology development for the past 19 years. He has founded nine startups, including Endymion Systems and seeCommerce. He has held leadership roles in marketing and product development, operating as CEO, CTO and CISO for several startups, including Netswitch Technology Management. He also served as CIO for Memorex and was the co-founder of the Cambridge Systems Group. He has been granted numerous engineering patents.