What does “breach assume” mean to a business?
It means you’ve accepted the fact that an attack is going to succeed no matter what, and you’re going to build your defenses accordingly.
Assuming the role of Chief Information Security Officer (CISO), what measures would you lead, including technology and policies, to ensure that your company was in a stable breach assume posture?
This means assuming that an attacker has already compromised the main systems and may hold full administrative rights on the unscoped network, so controls should be segregated between the zones. Using separate authentication domains, internal firewalls, and divergent anti-malware solutions ensures that whatever broke into the outside network cannot reuse the same methods to break into the scoped network. The key is rigid segregation, so that failures cannot cascade through interconnected systems into the in-scope systems.
Since I am expecting attackers on our networks, I want to know what they’re doing and then jump on them as soon as possible. This means leaning harder on tools like threat intelligence, logging, and security incident response. It also necessitates that you already have a good idea of where all our important data is stored (and in what state, for instance whether it is encrypted), and what software should be running on machines. Again, this is resource-intensive, which is why it’s easiest to concentrate these efforts on our scoped systems and the scope barriers.
Part of this visibility is using threat intelligence to monitor darknets and data breach notification services to see if or when our organization’s identities or intellectual property become known to hackers. It is also useful to look for our organization’s IP addresses on things like reputation blacklists, botnet command and control (C&C) networks, or peer-to-peer file sharing nodes.
Visibility can also mean laying booby traps such as honeypots and alarmed fake data entries to detect when intruders are moving around inside our networks. Deceptive defenses such as these work very well when placed in the scoped network since, by definition, there is less traffic and activity there to trigger a false alarm.
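As an added example (not part of the original answer), here is the "alarmed fake data entry" idea turned into a detector: a few constructed canary records that are seeded into the scoped network's customer table and never referenced by legitimate code, plus a scanner that raises an alert whenever a database audit-log line touches one of them. The log format, the canary values, and the user and host names are all hypothetical.

```python
import re
from dataclasses import dataclass

# Constructed canary records seeded into the in-scope customer table.
# No application path ever reads them, so any query naming one is a
# signal that someone is browsing data they should not be. (Hypothetical.)
CANARY_IDS = {"CUST-90417", "CUST-90418"}
CANARY_EMAILS = {"h.larsen@example-canary.invalid"}


@dataclass(frozen=True)
class Alert:
    ts: str
    src_user: str
    src_ip: str
    indicator: str


# Assumed audit-log line format (constructed for this example):
#   <ts> user=<name> ip=<addr> action=<verb> query="<sql>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) '
    r'action=(?P<action>\S+) query="(?P<query>.*)"$'
)


def scan_audit_log(lines):
    """Return one Alert per audit-log line whose query names a canary value."""
    alerts = []
    canaries = sorted(CANARY_IDS | CANARY_EMAILS)  # deterministic match order
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line; in production, count these separately
        query = m.group("query")
        hit = next((c for c in canaries if c in query), None)
        if hit is not None:
            alerts.append(Alert(m.group("ts"), m.group("user"), m.group("ip"), hit))
    return alerts


# Constructed sample log: one normal lookup, two canary touches, one bad line.
SAMPLE_LOG = [
    '2024-05-02T08:13:05Z user=app_svc ip=10.20.1.15 action=SELECT '
    'query="SELECT name FROM customers WHERE id=\'CUST-10021\'"',
    '2024-05-02T08:14:40Z user=jdoe ip=10.20.7.88 action=SELECT '
    'query="SELECT * FROM customers WHERE id=\'CUST-90417\'"',
    '2024-05-02T08:15:02Z user=jdoe ip=10.20.7.88 action=SELECT '
    'query="SELECT email FROM customers WHERE email=\'h.larsen@example-canary.invalid\'"',
    'this line is not in the expected format',
]

if __name__ == "__main__":
    for alert in scan_audit_log(SAMPLE_LOG):
        print(f"CANARY HIT {alert.indicator} by {alert.src_user}@{alert.src_ip} at {alert.ts}")
```

Matching on the query text catches targeted lookups; a bulk dump (`SELECT * FROM customers`) is only caught if the audit log also records the rows returned, so log result sets for the canary table where the volume allows it.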
Lastly, our incident response process and the team should have their jobs down cold. Living in an Assume Breach world means that their services will be needed. In the middle of an incident is not the time to figure out who does what and who is going to notify the proper authorities.