they  are  facing  threats  from  state-backed  actors,  they  need  to  make  sure  they  have  cybersecurity
            professionals on their team with experience in military or government IT or cyber divisions.

            When you can understand the mindset of your enemy, you remain one step ahead in many ways.


             “Know yourself”
            Immediately following the awareness of the enemy, Sun Tzu tells us to know ourselves.

            In our experience in the industry, we have seen organizations totally unaware of their assets or which of
            them required protection. For example, as thousands of organizations, from Apple to Belgium’s defense
            ministry, continue to deal with the ongoing global Log4J vulnerability, millions more are likely not even
            aware that they use this open-source library, and are thus exposed to what the top U.S. government
            cyber security official has called one the most serious vulnerabilities ever.  In general, in more than 75%
            of the cases in which we have handled an attack over the years, the victimized organization did not even
            know the layout of its networks. In fact, attackers knew and understood the networks and assets better
            than these organizations.

            In addition, organizations need to quantify risk, to understand what attacking each of their digital assets
            ultimately means for the business. Depending on what they hit, cyberattacks have different effects on an
            organization or business, from shutting down its website to obtaining proprietary information like customer
            details or intellectual property to sell on the Dark Web, to disabling essential services like gas pipelines.



            “If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.”
            Cybersecurity today is a combination of knowing yourself and the enem. Even if a company has carried
            out thorough security testing and prioritized all of its assets in relation to overall business risk from cyber
            attacks, but still  doesn’t fully understand the most likely enemies or potential attackers–and respond
            accordingly– it will not only still suffer defeat many times, but will be unprepared in case an attack does
            happen.

            Understanding the enemy and what they may want helps companies make appropriate and effective
            contingency plans in case attacks happen. For example, if organizations know that attackers are likely to
            ask for ransom, they can seek legal advice on the matter and understand the ramifications of paying,
            which often does not actually lead to recovering all data. Or, if they know that attacks are likely to come
            via the software supply chain, they can plan accordingly, including offering extra training on cyber hygiene
            to their entire workforce. Today, responding to a cyber attack is no longer just about dealing with data
            recovery, but it has far-reaching legal, financial and even physical consequences, like interrupted utility
            services or frozen assembly lines.


            ”If you know neither the enemy nor yourself, you will succumb in every battle.”

            After the above discussion, this last sentence is obvious in its meaning. But it also serves as a warning,
            as many organizations remain woefully unprepared. Blindly investing in more and more technology and
            tools or basing security on compliance with regulations is not enough.





                                                                                                              42