In the last decade, technology has played a vital role in organizations' endeavors to innovate, improve and transform. Technology has become ubiquitous across most of an organization's functions, from strategic decision making to normal operations, and has thus helped in achieving competitive advantage.
However, high reliance on technology has also brought forth the risk of major disruption to business activities, with the potential to severely impact the organization's ability to serve its customers, its revenue, and its brand. In addition, its misuse can even put a person's safety at stake.
The rising number of cyber-attacks and the nature of those attacks clearly suggest that the risk is real. The Cyber Security community has continuously evolved to protect the organization's interests and take the attackers head on.
The following evolution has been observed in Cyber Security practices over the last decade or so.
- Enterprise Centric Protection to Focus on Collaborative Sharing of Information
- Risk-based approach focused on Crown Jewels Protection to No trust model to minimize the attack surface
- Compliance-focused Strategy to Data Protection Centric Strategy
Architecture Design and Configuration
- Standards Driven Controls Design to Controls Design driven by Attack Lifecycle and Attackers' Tools, Techniques and Practices
- Prevent, Detect, Respond to Prevent, Deceive, Detect+ (i.e. Predictive Analytics), Automated Response
- Signature or Rule-based Alerts to Analytics Driven Alerts or indicators
- Prevention Centric Defense In Depth approach to Detection oriented Integrated Network, Endpoint and Applications approach
- Role-based least privilege access to context driven access
- Point in time Status to Continuous Monitoring
- Incident Response based on Alerts to proactive Threat Hunting
- Port and protocol Analysis to Application and Content level visibility
- In-House Competence, on-premise tools to Security as a Service
- Tools based Reports to reporting based on Security metrics
Authored By - Himanshu Porwal
TCS Cyber Security Practice