Go To Home

How to stop attacks – 5 ways Top CSOs do it

by Smokescreen Team

CSOs stop attacks

Leading companies are changing their approach to cyber-security.
Here are the top 5 ways successful CSOs stop attacks:

  1. Focusing on detection and response

    Preventive controls are ineffective against modern attacks that always find a foot in the door. Modern practitioners assume compromise has occurred, and build detection & response capabilities, instead of trying to plug every single loop-hole. Changing their mindset from prevention to detection is then perhaps the #1 way in which CSOs stop attacks.

  2. Making security alerts actionable

    In an average week, companies face 17,000 security alerts, most of which are false alarms that lead to real problems not being dealt with in time. CISOs are opting for technologies with very low false positives (less than 1% of alerts), freeing security teams to act on real threats instead of false positives.

  3. Increasing internal network visibility

    ‘Dwell time’ (how long an attacker is undetected in the internal network) is usually measured in months or years. Top security leaders are focusing on internal network visibility to reduce the dwell time to minutes and thwart attacks faster.

  4. Removing the human element in monitoring

    Analysts monitoring screens in shifts has proved ineffective as people can’t find suspicious patterns in huge volumes of security data. CISOs of leading companies now favour automated attack detection which reduces dependence on human analysts and lowers operational costs.

  5. Catching attacks early with threat intelligence

    Detecting an attack during the planning stage is incredibly powerful as it can be mitigated before it even begins. CISOs are setting up early warning systems to detect when they are targeted and give the security team the time advantage.

Sources: Analysis of targeted attacks in the last 3 years, surveys of C-level executives tasked with security, and 2014 – 2015 industry research reports.

#strategy

Continue Reading

  • The pragmatic security leader’s guide to deception technology

    When evaluating deception technology, look at three key components of the solution to ascertain how effective it will be in your environment – visibility, realism, and fingerprintability.
    By Sudarshan Pisupati
  • Using deception to shield the insurance sector

    Insurance companies are under siege from cyberattacks. We take a look at some of the key pieces of an insurer’s infrastructure the adversaries target and how you can use deception to build active defenses.
    By Sudarshan Pisupati
  • Finding active defense opportunities in a pentest report

    Pentest reports tell a story. By asking why a pentester made certain choices, you can find opportunities to influence attacker behavior and actively defend your network.
    By Sudarshan Pisupati
  • Have you tried out IllusionBLACK yet?
    • Detect zero-days, APTs, and insider threats
    • 10x the detection capabilities with 1/2 the team
    • Get started in minutes, fully functional in hours
    Schedule a demo
    Go to home

    Simple solutions for detecting and containing threats. Working with us does not break the bank or your spirit. We’re the company of choice for offensive security teams with a Net Promoter Score of 70+.

    © 2015-2021 Smokescreen. All rights reserved.

    Solutions For
    Web Application AttacksLateral MovementRansomware AttacksTargeted ThreatsSocial EngineeringMalware-less Attacks