Page 98 - Cyber Defense eMagazine August 2023
P. 98
infallible, and with the right defenses and knowledgeable defenders, those adversarial supply chains can
be disrupted.
The State of Cybersecurity
Threat actors are constantly active and evolving, and we are all definitely hearing about more and more
ransomware attacks today. As security measures become more advanced and third-party defenders help
reduce vulnerabilities, one would hope that the volume of these attacks should be dwindling. It’s true that
bad actors are on the rise, but it’s also true that current disclosure requirements may be driving a lot of
the activity we see in the news today. An attack which might have been quietly handled completely out
of sight of the public and the government a few years ago is much more visible today.
Despite all of these challenges - adversaries working with one another through their supply chains, using
evolving tools and techniques in an effort to crack open your own supply chain at a weak point - there is
still reason to be optimistic. While preventing these types of attacks is always preferred, mature
organizations today recognize that prompt and timely detection of these attacks may be even more
important. You want to know where “patient zero” is within your environment, and to be able to take action
early in a ransomware attack, before it spreads and spirals out of control. After all, if you can’t see what’s
happening on your network, if you can’t see what’s happening on your endpoints, you may not see the
attack until it’s too late. Don’t be afraid to ask for help.
About the Author
Ben Smith is Field Chief Technology Officer with NetWitness. He brings
more than 25 years’ experience in the information security, risk
management, networking and telecommunications industries; his prior
employers include RSA Security, UUNET, and the US Government, along
with several technology startups. Smith holds industry certifications in
information security (CCISO, CISSP), risk management (CRISC), and
privacy (CIPT); he is an acknowledged contributor to NIST SP 1800-1, -3,
and -7 and he chairs the Cybersecurity Canon Project. He is a patent
holder, a published contributor of four of the “97 Things Every Information
Security Professional Should Know” [O'Reilly, 2021] and previously
served as a corporate representative to the National Cybersecurity Center of Excellence (NCCoE). Ben
can be reached online at https://www.linkedin.com/in/bnsmth/ and at our company website
https://www.netwitness.com/.
Cyber Defense eMagazine – August 2023 Edition 98
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.