Intelligent CIO LATAM Issue 19 | Page 54

FEATURE : CYBERSECURITY

KNOWING HOW THESE ATTACK GROUPS WORK IS NOT ONLY INTERESTING , BUT IT ALSO PROVIDES INVALUABLE INTELLIGENCE THAT CAN HELP ORGANIZATIONS STRENGTHEN THEIR SECURITY POSTURE .

looking to achieve provides an advantage in frontline defense , strategy planning and – when the worst happens – incident handling .
1 ) Cybercriminals work collaboratively , which enables them to become specialists
A shopping expedition on the Dark Web will turn up individuals or teams touting their ability in specific elements of the attack kill chain . There are teams who are all about password spraying , others who are entry specialists , yet more who will manage a ransomware attack for any ‘ client ’ who pays .
They come together in attack groups that evolve regularly , each time adjusting agreed group ethics and approach to reflect internal debate and power struggles . What can we learn from this ? Aside from the importance of threat intelligence to keep abreast of trends and live threats , we can learn that collaboration is powerful .
If security teams network and information share – and are prepared to work with the competition in the best interests of everyone – then we too can be nimble , well informed and prepared . And this collaboration is essential within the organization too .
Too often security tools are disconnected from one another and fail to provide the security team with the holistic view necessary to detect a multivectored attack kill chain . In order to disrupt highly organized attacks , security teams need to ensure their security tools are tightly integrated and can share relevant intelligence , such as indicators of compromise , in real-time .
2 ) Malicious actors use cloud infrastructure for their attacks
They do this for a couple of different reasons . Cloud infrastructure is inherently agile ; attackers can spin up their infrastructure quickly and inexpensively – then dismantle and start again if their operation is compromised .
They are also drawn to the fact that – by using the very same cloud services as the organizations they are
54 INTELLIGENTCIO LATAM www . intelligentcio . com