According to the Merriam-Webster online dictionary, cybersecurity is a noun that means the “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack.” Forbes.com offers a list of cybersecurity threats, which include:
- Scams through social networks such as Facebook and LinkedIn, in which perpetrators may try to friend or follow someone to get information
- Advanced Persistent Threats (APTs) breaching embedded networks with sophisticated, difficult-to-detect attacks to gain information
- Bring Your Own Device (BYOD) trend, which can leave networks open for attacks when BYODers don’t follow proper security regimens
What You Can Do to Protect Your Networks
Consider the Observe, Orient, Decide, and Act (OODA) loop as one of your tools to combat cybersecurity threats. Military strategist USAF Colonel John Boyd developed this methodology as part of the combat operations process, but it can also be easily applied to cybersecurity. According to Boyd, decision-making happens as part of a recurring cycle of observe-orient-decide-act. An individual or an organization that processes this cycle quickly, observing and reacting to unfolding events more rapidly than an opponent, can get inside the opponent's decision cycle and gain the advantage.
In the case of cybersecurity, the ability to observe and react to threats more rapidly than the attacker significantly enhances your network security. Observation is cybersecurity’s foundation. Monitoring and collecting network performance and event log data can provide important information on what is happening on the network – especially if anything unusual is happening.
Orientation shapes the way you observe networks, systems, and applications. For example, you can correlate network traffic with device and application log data to identify the sources, destinations, and generators of network intrusions.
After observation and orientation, you can formulate a hypothesis and decide on the correct course of action, based on the data you have gathered and the overall risk management profile of your organization.
Finally, you can act on the cybersecurity threat. Action may consist of taking automated actions to respond to the threat or it may include actions you perform, such as ensuring implementation of the latest software patches and updates.
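The four steps above can be sketched as one pass over collected data. The following is an added example, not from the original article or from any SolarWinds product: the sample records, field layout, thresholds, and action names are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Observe: constructed sample data (documentation address ranges, not real traffic).
FLOWS = [  # (time, src_ip, dst_ip, dst_port, bytes)
    ("2024-01-10T02:14:05", "203.0.113.7", "192.0.2.10", 22, 900),
    ("2024-01-10T02:14:40", "203.0.113.7", "192.0.2.10", 22, 950),
    ("2024-01-10T02:16:30", "192.0.2.10", "203.0.113.7", 443, 48_000_000),
    ("2024-01-10T09:01:00", "198.51.100.4", "192.0.2.10", 22, 1100),
]
AUTH_LOG = [  # (time, host_ip, src_ip, event)
    ("2024-01-10T02:14:06", "192.0.2.10", "203.0.113.7", "fail"),
    ("2024-01-10T02:14:20", "192.0.2.10", "203.0.113.7", "fail"),
    ("2024-01-10T02:14:41", "192.0.2.10", "203.0.113.7", "fail"),
    ("2024-01-10T02:15:02", "192.0.2.10", "203.0.113.7", "success"),
    ("2024-01-10T09:01:02", "192.0.2.10", "198.51.100.4", "success"),
]

def ts(s):
    return datetime.fromisoformat(s)

def orient(flows, auth, window=timedelta(minutes=10)):
    """Orient: correlate log events with traffic per (source, host) pair."""
    ctx = defaultdict(lambda: {"fails": 0, "success_at": None, "bytes_back": 0})
    for t, host, src, event in sorted(auth):
        c = ctx[(src, host)]
        if event == "fail":
            c["fails"] += 1
        elif c["success_at"] is None:
            c["success_at"] = ts(t)
    for t, src, dst, _port, nbytes in flows:
        c = ctx.get((dst, src))  # traffic from the host back to the login source
        if c and c["success_at"] and timedelta(0) <= ts(t) - c["success_at"] <= window:
            c["bytes_back"] += nbytes
    return dict(ctx)

def decide(c, fail_limit=3, byte_limit=10_000_000):
    """Decide: map correlated context to an action (assumed policy thresholds)."""
    guessed = c["fails"] >= fail_limit and c["success_at"] is not None
    if guessed and c["bytes_back"] >= byte_limit:
        return "isolate-host"
    if c["fails"] >= fail_limit:
        return "open-ticket"
    return "none"

def ooda(flows=FLOWS, auth=AUTH_LOG):
    """Act: here the loop only returns the chosen action per pair for review."""
    return {pair: decide(c) for pair, c in orient(flows, auth).items()}
```

Neither data source alone separates the two logins: only the correlation of repeated failures, a success, and a large transfer back to the same source raises the first pair above the second.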
Whatever you do to combat cybersecurity threats, make sure you gather feedback and document the response process, so you can ensure improvement, speed, and process repeatability. Having the right tools and information is also key to success in battling cyber threats. To find out more about tools and strategies for defending your network, see the SolarWinds whitepaper, Cybersecurity - A Practical Approach to Actionable Intelligence.