"Measuring the effectiveness and the implementability of a procedure is burning need for organizations"
Measuring the cyber defense capability in the enterprise
Cyber security is ever changing and this dynamic nature of the problem requires a dynamic solution to the problem. Threats are ever changing; therefore handling manuals for specific threats are quickly outdated. New attacks need to be learnt and handling procedures need to be drafted to be strong in the game. Further, validating the relevance of these procedures in the time of attack is important as well. Measuring the effectiveness and the implementability of a procedure is burning need for organizations.
Organizations that have invested in an active cyber defense program will feel the need to monitor and review
• the capability of the team to detect the latest threats,
• the preparedness of the team to detect attacks at all times and
• the situational awareness of the team to recognize threats and respond to them based on the available intelligence .
The Solution
In recent years, cyber-attacks have increased tremendously in bandwidth and technique. The cyber drill project comprised of 30 + attack scenarios including DDoS and application level
attacks which were recently used to compromise many company and government websites. These attacks were launched from three different cloud providers..
The ability to detect and respond to such attacks was tested through a structured cross monitoring and global Security Incident management process. Assessing the readiness of the organization in successfully handling the cyber-attack during the drill helped in identifying the
possible lapses in current security and incident response policies and procedures that needed addressing.
Simulated Attacks
The cyber security drill has been recognized as an innovation on account of its sheer scale and the uniqueness like-
• 100 + virtual zombies across 3 different clouds
• Geographic spread across 5 continents & 2 SOC (Security Operation centers) locations
• Automation & synchronization across clouds
• Dynamically provisioned and de provisioned attack hosts
Key Benefits of the cyber security drill project were as below
• The organization is prepared better to handle different types of cyber attack
• Addressed the gaps identified in the incident management process.
• Implemented better compensatory controls
• Examined incident response and enhance information sharing.
• Provided understanding of technology development to secure IT assets
The future of measurable security
Security measurementis no longer notional, there are several standards& metrics in security that makes it measurable and makes individuals in the space accountable for their actions. The criticality and success of an organization’s cyber defense program will warrant
serious measures to ensure continual improvement.