Shifting from Incident Response to a Preventive Approach to Cybersecurity
Hikvision Tips to Address Security Concerns, Rules to Create Hard-to-Hack Passwords
In the article, “The Incident Response Approach to Cybersecurity,” Security magazine presents the case for an alternative approach to cybersecurity that is focused on prevention first to address hackers and other security concerns.
From the article: “Traditional cybersecurity approaches are focused on reporting about intrusions after the fact, in what is known as an “incident response.” What this means is that an adversary–commonly referred to as a “hacker”–finds some way to gain access to a target and compromises it. The target can be accessed through vulnerabilities in web frameworks, internet browsers, or internet infrastructure such as routers and modems. Regardless of how they gain access, once an attacker is discovered, the forensics about the attack, including basic information known as Indicators of Compromise (IOCs) like IP addresses, domain names, or malware hashes, are shared across the cybersecurity community. These IOCs are then used broadly to thwart future attacks.”
The challenge with this approach is that it requires an organization to be a victim of an attack first in order to share information with others, leaving companies at the mercy of hackers. “All an adversary has to do is come from a new IP address or recompile their malware so that it has a new hash value (both of which are extremely trivial) and their attacks will sail through defenses that depend on IOCs. This after-the-fact methodology consumes a lot of resources and generates a lot of seemingly valuable metrics, but it is ultimately flawed,” according to the article.
A shift to preventive cybersecurity measures would mean more energy spent addressing methods used by adversaries such as hackers, instead of reacting to attacks as they happen. Proactive cyber analysts would then implement a methodology known as tactics, techniques and procedures (TTP) to identify cyber threat patterns before they happen. Read more at this link.
Hikvision has authored numerous cybersecurity blogs with insights to help partners address security concerns available online at this link. In a recent blog, “Hikvision Cybersecurity Director Outlines 3 Rules for Creating Good Passwords to Reduce Security Concerns and Hacking Risks,” Chuck Davis provides his tips for creating complex and hard-to-hack passwords.