By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    data-driven image seo
    Data Analytics Helps Marketers Substantially Boost Image SEO
    8 Min Read
    construction analytics
    5 Benefits of Analytics to Manage Commercial Construction
    5 Min Read
    benefits of data analytics for financial industry
    Fascinating Changes Data Analytics Brings to Finance
    7 Min Read
    analyzing big data for its quality and value
    Use this Strategic Approach to Maximize Your Data’s Value
    6 Min Read
    data-driven seo for product pages
    6 Tips for Using Data Analytics for Product Page SEO
    11 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: 3 Strategies Employed by the Leading Enterprise Cybersecurity Platforms
Share
Notification Show More
Latest News
anti-spoofing tips
Anti-Spoofing is Crucial for Data-Driven Businesses
Security
ai in software development
3 AI-Based Strategies to Develop Software in Uncertain Times
Software
ai in ppc advertising
5 Proven Tips for Utilizing AI with PPC Advertising in 2023
Artificial Intelligence
data-driven image seo
Data Analytics Helps Marketers Substantially Boost Image SEO
Analytics
ai in web design
5 Ways AI Technology Has Disrupted Website Development
Artificial Intelligence
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > 3 Strategies Employed by the Leading Enterprise Cybersecurity Platforms
Security

3 Strategies Employed by the Leading Enterprise Cybersecurity Platforms

Cybersecurity strategies need to be based off of sound data analytics principles.

Matt James
Last updated: 2021/11/12 at 11:03 PM
Matt James
9 Min Read
enterprise cybersecurity platforms
Photo 165746594 / Data © Ratz Attila | Dreamstime.com
SHARE
- Advertisement -

Much has changed since the time when organizations only knew of antiviruses and simple firewalls as the tools, they need to protect their computers. To address newer challenges, security providers have developed new technologies and strategies to combat evolving threats.

Contents
Breach and attack simulationContinuous automated red teamingAdvanced purple teamingNew but proven strategies

Stephanie Benoit-Kurtz, Lead Area Faculty Chair for the University of Phoenix’s Cybersecurity Programs, offers a good summary of the changes security organizations should anticipate, especially in the time of the pandemic. “The threat landscape over the past 18 months has significantly changed in complexity and frequency of attacks. Long gone are the days when a lone wolf attacker was manually knocking at the door.”

- Advertisement -

To get acquainted with the ways security firms are handling the new breed of threats in cyberspace, here’s a rundown of the notable strategies the leading cybersecurity platforms and security firms are offering.

Breach and attack simulation

One of the headline features of modern cybersecurity platforms is breach and attack simulation or BAS. Designed to test the efficacy of existing security controls and improve them, BAS spots vulnerabilities in security environments by mimicking the possible attack paths and methods that will be employed by hackers and other bad actors. Gartner says that “breach and attack simulation tools help make security postures more consistent and automated.”

More Read

Big Data Security

Gartner Survey: 98% of Brands Are Negligent with Big Data Security

Why Companies Should Leverage these Cybersecurity Tools?
Locky Ransomware Statistics: Geos Targeted, Amounts Paid, Spread Volumes and Much More…

BAS is one of the top features in security posture management platforms for enterprises. It is not only able to check whether or not security controls are working the way they should; it also maximizes the ROI on these controls. Many organizations may not pay that much attention to this, but they are getting the return on their cybersecurity investment every time they elude disruptions and other forms of damage from cyber-attacks. BAS is easily one of the highly effective new ways of examining and improving cybersecurity efficacy.

Breach and attack simulation is designed to catch the most recent attack techniques employed by advanced persistent threats. Together with the MITRE ATT&CK framework, it achieves what some security firms describe as “threat-informed defense” by taking advantage of the latest threat intelligence and the knowledge of the tactics and techniques cybercriminals use. It effectively simulates the way malicious software and cyber-attacks impact endpoints, commit data exfiltration, and move around a network laterally.

Continuous automated red teaming

Red teaming is the strategy of using a group of ethical hackers to simulate a cyberattack on an organization. It is a form of security testing that relies on white hats or security professionals who will attempt to break through cyber defenses in whatever way they can think of.

- Advertisement -

Red teaming is a labor-intensive endeavor. To adequately cover all of the security controls and related aspects of an organization in a timely manner, several team members will have to work together. The problem is that this kind of approach is no longer compatible with the current cyber threat landscape, given how aggressive, frequent, and sophisticated the attacks are nowadays.

To keep up with the rapidly evolving threats, organizations need a continuous approach in security testing. Security vulnerabilities can emerge anytime, and defects in the protective measures put up by an organization will not wait for when the next red team evaluation would take place. There should be no gap in the integrity of an organization’s cybersecurity to ably deal with new attacks.

For these, the elements of continuity and automation are necessary, continuous automated red teaming or CART is an appropriate solution. Serial cybersecurity entrepreneur Bikash Barai, who has spoken at the RSA Conference and TEDx, calls CART the future of security testing.

While BAS tools usually require both hardware or software agents within an organization to simulate the way real cyber-attacks work to penetrate an internal system, CART takes on a different approach. It does not supplant BAS, but something that complements it. “CART on the other hand works using an outside-in approach and conducts real attacks without the need for any hardware, software, or integration,” Barai explains.

CART has a pronounced edge over traditional red teaming because of its consciousness. Because it is automated, it can replace people and reduce the cost of conducting red teaming while making sure that the security testing is not only periodic. Continuous automated red teaming is even designed to discover risks and attack surfaces on its own, not necessitating any human-initiated launching and inputs to undertake multi-stage attack simulations that evaluate networks, apps, policies, and even human behavior.

- Advertisement -

Advanced purple teaming

Another notable new approach used by leading cybersecurity platforms is advanced purple teaming. For those who have some background with red (attack) and blue (defense) teaming, the first thing that comes to mind upon hearing about this strategy is that it is a combination of the red and blue teams.

This preconception is not completely wrong, but it is also not exactly right. Yes, it combines the elements of the attack and defense cybersecurity teams, but it does not result in the creation of a new team with red and blue members. Rather, it is the adoption of a new mindset in conducting security evaluations.

Instead of keeping the two teams totally separate and independent, purple teaming enables some degree of collaboration to enhance each other’s abilities in achieving their respective goals. The blue team gets to see things in the perspective of the attack simulators for them to develop threat-aware defenses that anticipate lateral attacks and tweaks they would otherwise miss if they only focus on their defensive mentality. Similarly, the red team benefits from the collaboration by obtaining insights on how the blue team would likely plug vulnerabilities and respond to new attack tactics.

Purple teaming removes the problem of siloing that holds back the optimization of cyber defenses. It maximizes the scale of adversarial expertise, which leads to the crafting of new ways to scrutinize and bolster security controls that suit the unique cybersecurity environment of an organization.

As veteran international management expert who specializes in cybersecurity strategies and communication Tanya Candia explains, “Purple teaming is a proven way to provide stronger, deeper assurance — with more certainty — that the agency is being protected.” Through this approach in security testing, cybersecurity teams with opposing perspectives operate under unified overall goals. “The functions of both red and blue teams are taken on simultaneously, with members working together to enhance information sharing,” Candia adds.

- Advertisement -

Advanced purple teaming is a significantly improved way of undertaking purple teaming that employs automation. It is designed to make it possible to simulate attack scenarios that are automatically correlated to security control finding in examining breach detection functions as well as the capabilities of an organization to respond to security incidents promptly and effectively.

New but proven strategies

Many of the world’s top cybersecurity platforms and security solution providers have already embraced breach and attack simulation, continuous automated red teaming, and advanced purple teaming. These strategies in securing organizations may be relatively new, but cybersecurity professionals can vouch for their effectiveness in view of the new kinds of problems presented by cunning malicious actors in cyberspace.

They are not perfect silver bullet solutions that guarantee foolproof protection against attacks. However, they represent the advancement the cybersecurity industry has to offer to better handle the evolution of threats in the digital online world.

TAGGED: Cybersecurity Tools, enterprise cybersecurity
Matt James November 12, 2021
Share this Article
Facebook Twitter Pinterest LinkedIn
Share
By Matt James
Matt James is a veteran marketer & tech geek that has helped many large brands increase their online footprint. He specializes in influencer outreach and business growth.
- Advertisement -

Follow us on Facebook

Latest News

anti-spoofing tips
Anti-Spoofing is Crucial for Data-Driven Businesses
Security
ai in software development
3 AI-Based Strategies to Develop Software in Uncertain Times
Software
ai in ppc advertising
5 Proven Tips for Utilizing AI with PPC Advertising in 2023
Artificial Intelligence
data-driven image seo
Data Analytics Helps Marketers Substantially Boost Image SEO
Analytics

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

Big Data Security
Big DataITSecurity

Gartner Survey: 98% of Brands Are Negligent with Big Data Security

5 Min Read
cyber security tools
Security

Why Companies Should Leverage these Cybersecurity Tools?

8 Min Read
Ransomware attack
Security

Locky Ransomware Statistics: Geos Targeted, Amounts Paid, Spread Volumes and Much More…

6 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

ai is improving the safety of cars
From Bolts to Bots: How AI Is Fortifying the Automotive Industry
Artificial Intelligence
data-driven web design
5 Great Tips for Using Data Analytics for Website UX
Big Data

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?