Page 41 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022

“Know your enemy,” and other cybersecurity lessons from Sun Tzu’s Art of War



              The key on the cyber battlefield, like on the traditional military battlefield, is understanding
              that there will indeed be many battles

              By Shmulik Yehezkel (Colonel, res), Chief Critical Cyber Operations Officer at CYE
              Security



            As a cybersecurity professional and a reserve field officer in the Israeli military, I have found many
            valuable insights on the pages of The Art of War, written by the fifth century Chinese military general Sun
            Tzu. One often overlooked passage, titled “Attack by Stratagem,” is particularly relevant
            today as we face an infinite number of cyber threats and ever-growing lists of vulnerabilities. More than
            ever, we need to prioritize both what we need to protect in order to keep businesses and organizations
            running and what attackers are likely to target. This powerful passage, which has been guiding warriors
            for centuries, holds important wisdom on how to do that, and why it is so important:

            “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know
            yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the
            enemy nor yourself, you will succumb in every battle.”


            Let’s fast forward 3,000 years and break this down in terms of cybersecurity, where we are indeed facing
            hundreds of battles every day.



            “Know your enemy”

            In our line of work, it is crucial to define and locate potential threats. For example, I have worked in
            organizations that did not take the time to understand the impending threat and instead spent their time
            building an elaborate defense system to fend off only general and vague persistent threats. Conversely,
            I have worked with some of the most sensitive of security teams that were so focused on one particular
            threat that they did not dedicate enough resources towards building a comprehensive defense system.
            Neither example took these three simple words into account.

            The key to an effective defense strategy is defining who the threat actor is and what threats they
            pose. In cyber terms, this means tracking the threat actors’ TTP, or tactics, techniques and procedures, to
            learn more about them. But that is not all; organizations must act on the intelligence they have, including
            using it to help them hire appropriate cybersecurity professionals. For example, if organizations determine




