U.S. Markets close in 4 hrs 48 mins

Former FBI Special Agent: We need to look at cybersecurity differently

As cybersecurity becomes a focus at the World Economic Forum’s annual meeting in Davos, Yahoo Finance is running a series of posts detailing ideas from top cybersecurity experts.

Leo Taddeo, a former FBI Special Agent in Charge of the Special Operations/Cyber Division at the New York Office and current Chief Information Security Officer for Cyxtera, argues that the approach to cybersecurity needs to change:

“Organizations must deal with the fact that adversaries are always one step ahead. Attackers only need to be successful once; defenders must stop them every time. The scales are overwhelming tipped in favor of the bad guys. To change the dynamics, we must take a fresh look at our defensive and offensive security posture.

People are seen as they pause during the World Economic Forum (WEF) annual meeting in Davos, Switzerland January 24, 2018. REUTERS/Denis Balibouse

Enterprises have spent a lot of time and money building protective walls around their networks but with ever-diminishing results. Today’s IT infrastructure is everywhere: on-premise, private clouds, and public clouds. Instead of defending the network perimeter, we must shift focus to securing user access to resources.

This can be accomplished using a modern security approach like that offered by a Software-Defined Perimeter (SDP) solution. SDP dynamically creates a one-to-one connection between the user and the network resources they are entitled to see. Policies are applied in real-time based on the security context presented when the user is requesting access. By limiting access, the attack surface is significantly reduced.

An example of how a software defined perimeter works. Photo: Cyxtera

Along with a robust defense like that offered by SDP, security teams must gain offensive insights into how far an attacker can run with a vulnerability. Most organizations don’t have the internal resources to go the extra mile here. An alternative is to engage with an offensive-oriented cybersecurity firm that offers specialized attack and assessment services, including penetration testing, application assessments, vulnerability analysis, reverse engineering, and a review of architecture and source code. Remember, an attacker only needs to be successful once; defenders must stop them every time.

Adopting the mindset of the adversary is essential. Only then can you gain a realistic picture of your organization’s exposure, which enables you to effectively mitigate risk. The last piece of advice is this: Don’t be afraid of what you find. Uncovering vulnerabilities is not an indictment on the security program, rather, it’s an opportunity to change the trajectory of the attackers’ first advantage.”

Read more expert cybersecurity advice for business leaders and policymakers.

Follow Yahoo Finance on FacebookTwitterInstagram, and LinkedIn