Limiting Damage Post-Breach

          It is important to attempt to contain the fallout as best as possible. One must, however, first assess the level
          of damage already done. Notify law enforcement if necessary, then engage in damage limitation. Limiting
          damage post-system breach can take shape through a number of strategies.


          These measures include rerouting network traffic, filtering the attack, and isolating network
          components. The approach will differ based on the type of attack. Isolating all parts of a
          compromised network can prevent the infection from spreading. Filtering or blocking is often used with deni-
          al-of-service attacks, such as ransomware attacks.


          If you find yourself in a ransomware attack, do not pay the ransom. One should be working against the cy-
          bercriminals, not with them. Work with law enforcement to discover the source of the attack and combat it.


          Future Protection Trends

          One trend to protect against data breaches is increasing the number of required security checks. This aims
          to decrease the chances of malware going unnoticed and corrupting data systems.


          Increased integration of AI is another current trend to improve protection against cybercrime. AI is better
          able (than humans) to efficiently check for vulnerabilities in systems. It is also able to discover and respond
          to cyberattacks in under a second. In the case of the SolarWinds attack, millions of employees didn’t even
          notice the attack for months.
          Future Industry Trends
          One key future industry trend is ‘cyber threat intelligence’. Cyber threat intelligence helps people increase
          their understanding of the typical behavior of a cybercriminal. This means that they are better able to react
          appropriately and timeously to attacks.

          An example of this is the institution of Cyber Fusion Centers, which takes a strategic approach to integrate
          technologies, processes, and teams.  Even so, there are significant challenges to
          operationalizing intelligence in such a way that prioritizes activities for cyber defenders.

          Businesses moving on to the ‘cloud’ is another popular trend in the industry. The popularity of this shift is well
          justified too. Using the cloud is far more efficient and more secure than traditional
          storage methods.


          Supply chain attacks are a rising threat, with a high potential for serious consequences. Defense strategies
          are integral to the survival and safety of any business. Having a water-tight data
          protection plan is wise, especially in this current climate of ever-increasing cyber threats.

























             27    Cyber Defense eMagazine – April 2021 Edition
                   Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.