What is Proactive defence ? “ In the past , the common defence assumption of security teams was that an organisation was not compromised until proven otherwise . This was in alignment with the perimeter defence approach . With the changing of the paradigm into the mental model of ‘ Assumed Compromise ’, organisations now have to act as if the attackers are already in their environment . Still , making a working assumption that adversaries have access to the environment is different from assuming they have achieved their goals of stealing sensitive information or performing other impactful attacks like ransomware .
“ In most mature organisations , for attackers to have a substantial impact or potential economic benefits , they would need to perform quite a complex operation , jumping from place to place carefully exploiting any potential ‘ digital holes ’ found .
“Observability and detection are vital for the response aspect of security . Simply put , if you can ’ t detect it , then the chance for a timely response to a cyber incident is low ”
ARIEL LEMELSON HEAD OF CYBER DETECTION & RESPONSE , BOOKING . COM
Booking . com : Traveling to the Future of Cybersecurity
cybermagazine . com 125