CyberSecurity vs CyberDefense – The line is drawn

After spending 8 years as a security professional, I replaced my skillset in cybersecurity to cyberdefense, the newest  buzzword in the information security space.

What is CyberDefense?

CyberDefense, as most experts believe, is a part of a cybersecurity strategy with a defensive approach. Rather than identifying vulnerabilities and fixing them, cyber defense focuses on defending the infrastructure using monitor-detect-act approach.

 

Why CyberDefense is important

Imagine a city in the imperial ages. This city is guarded by a fortress with larger walls surrounding each side.

If we understand this from traditional information security perspective, once the walls are constructed, they are “audited” for presence of holes or fillings which could be used to create an opening. An expert can also demonstrate “survivability” of the walls in attacks like brute force, or probably a person can bypass the wall by jumping across or digging a tunnel below.

These vulnerabilities are reported, fixed, and the walls are “updated” according the recommended measures.

However, the walls themselves are not sufficient to protect the city.

Watchtowers around the walls keep an eye on incoming people, and identify “patterns” that would be malicious. Obviously you need someone up there.

Then, there are scouts, who themselves are roaming around, learning more information about your enemies.

File:Frederic Remington The Scout Friends or Foes.jpg

The data collected by scouts is sent to the security headquarters, which is then further processed to provide intelligence to the watch towers so that they can detect suspicious activities efficiently.

Broadly, the following figure outlines the process of cyberdefense

Cyber Defense Lifecycle

CyberDefense is not new. Earlier, it was considered to be a small part of cybersecurity but now modern-day threats require us to revisit this concept and make it a primary mechanism for CyberSecurity.

Do you have a CyberDefense strategy? Let me know in the comments!

 

 

2 thoughts on “CyberSecurity vs CyberDefense – The line is drawn

Leave a Reply

Your email address will not be published. Required fields are marked *