BUSINESS surveillance
Event Management (SIEM) systems and additional tools such as traditional border firewalls, intrusion prevention systems (IPS), web application firewalls (WAFs), multifactor authentication (MFA), privileged access management (PAM) and network microsegmentation. This combination of advanced detection and data protection and recovery solutions creates a robust threat defence.
CISOs should also consider implementing a Zero Trust Network Access (ZTNA) framework and software-defined wide area networking (SD-WAN).
Minimising the attack time
With a breach taking over 100 days on average to detect, attackers have ample time to discover and exfiltrate data from a breached network. Therefore, it’s essential to minimise the time attackers have to steal this data. Decreasing the time between network compromise and detection from months to hours is critical to reducing a breach’s impact. This is where an advanced NDR solution comes into play.
When attack activity is detected, the next step is to help prevent lateral movement by the attackers or their software within the network. Once the defenders respond to the attackers with well-prepared incident response plans, teams can swiftly isolate and help remove network threats. This cuts off the attacker’s access and prevents further damage.
Breaking the attack chain
The cyberattack chain, also known as the cyber kill chain, is a framework that outlines the steps or stages involved in a cyberattack. Understanding the cyber kill chain is crucial for effective defence. It occurs in seven stages: recon, weaponise, deliver, exploit, control, execute, maintain.
A toolset that combines early network threat detection with robust data protection and
WWW.INTELLIGENTCISO.COM