How To Prevent Advanced Cyber Attacks In 2021
In today’s episode of Life of a CISO, Dr. Eric Cole sneaks into the opponent’s locker room and takes their playbook.
However advanced the attacker supposedly is, they are always going to start with the simple attacks.
All the advanced security measures are ineffective if the basic foundation of security isn’t there.
Listen to this episode to find out the three advanced techniques to keep hackers from getting at your critical data.
In this episode:
- 0:00 Intro, the 25th Episode
- 0:48 What happened in 2020?
- 1:17 We (CISOs) have to step it up, not exaggerate our attackers’ ability
- 3:03 Don’t expose yourself to dangerous situations just because you can
- 3:46 If we’re sloppy, we shouldn’t make excuses
- 5:23 Over the next few months, the attack will be worse than reported
- 6:22 Several executives will sell off stock
- 7:33 The lesson: Most attacks were preventable
- 8:36 Advanced adversaries don’t always attack in advanced ways
- 10:24 If we don’t secure the foundation, it doesn’t matter how advanced the attacker is
- 12:30 How to be an ethical attacker
- 14:50 Why attacks get through
- 16:32 Break this down
- 17:27 The rule of 90%
- 18:02 In most of our life, 90% is pretty good
- 21:08 If you think you are 100% secure, you are not 100% secure
- 21:34 The next level are these 3 things:
- 23:25 Application whitelisting
- 25:27 The gym story: It doesn’t matter if you can’t do the advanced, if you can’t do the basics, you won’t make it
- 28:59 Segmentation
- 30:08 Outbound filtering
- 31:10 I just gave you the opponent’s playbook