On today’s SecurityIntelligence podcast, cyberattack preparation takes center stage as global security intelligence analyst Alexandrea Berninger zooms in on IBM X-Force Incident Response and Intelligence Services’ (IRIS) new cyberattack preparation and execution frameworks.
Berninger and her X-Force IRIS teammates play a critical role in discovering how attacks take shape and empowering organizations to better understand cybercriminal behavior and then respond quickly and effectively. As Berninger explains, the newly released frameworks encompass everything from target selection to initial compromise and ongoing attack efforts. They also accommodate multiple attack types, such as advanced persistent threats (APTs), zero-day attacks, Trojans and commodity malware.
The Role of Cyberattack Preparation and Execution Frameworks
Listen in as Berninger explains how and why the cyberattack preparation and execution frameworks developed by X-Force IRIS emphasize attack preparation, which other leading models often overlook. By discovering the steps threat actors take before compromising networks, companies can harden their attack surface proactively. In addition, the frameworks offer insight into how attackers evade defenders and account for the “feedback cycle,” in which threat vectors may change as responders uncover key aspects of the incident.
IRIS experts recognize that the typical stages of an attack don’t always happen sequentially, and sometimes may not happen at all. Ransomware like WannaCry, for example, moves rapidly across lateral network services but conducts almost no internal recon. Threat intelligence tools must be able to account for this diversification.
Why Perimeter Defense Is Not Enough
As Berninger concludes, many organizations still invest heavily in perimeter defense as their primary protection against network compromise. The hard truth is that no network is completely safe. The business value of IT security is now derived from actionable threat intelligence that helps stop attackers in their tracks.
Want to learn more? Read the new X-Force IRIS white paper, check out the new SecurityIntelligence article and, of course tune in on iTunes, Soundcloud or you streaming service of choice to hear the complete podcast.