After spending 8 years as a security professional, I shifted my skillset from cybersecurity to cyberdefense, the newest buzzword in the information security space.
What is CyberDefense?
CyberDefense, as most experts believe, is the part of a cybersecurity strategy that takes a defensive approach. Rather than identifying vulnerabilities and fixing them, CyberDefense focuses on defending the infrastructure using a monitor-detect-act approach.
Why CyberDefense is important
Imagine a city in the imperial ages. This city is guarded by a fortress with large walls on every side.
If we look at this from a traditional information security perspective, once the walls are constructed, they are “audited” for the presence of holes or fillings which could be used to create an opening. An expert can also demonstrate the “survivability” of the walls against attacks like brute force, or show that a person could bypass the wall by jumping over it or digging a tunnel below.
These vulnerabilities are reported and fixed, and the walls are “updated” according to the recommended measures.
However, the walls themselves are not sufficient to protect the city.
Watchtowers around the walls keep an eye on incoming people, and identify “patterns” that would be malicious. Obviously you need someone up there.
Then, there are scouts, who themselves are roaming around, learning more information about your enemies.
The data collected by the scouts is sent to the security headquarters, where it is further processed to provide intelligence to the watchtowers so that they can detect suspicious activities efficiently.
Broadly, the following figure outlines the process of cyberdefense
CyberDefense is not new. Earlier, it was considered to be a small part of cybersecurity, but modern-day threats now require us to revisit this concept and make it a primary mechanism for cybersecurity.
Do you have a CyberDefense strategy? Let me know in the comments!