Defender vs. Attacker

• Defender is in the “position of the interior”
• Defender serves an organizations goal; attackers have unlimited resources
• Defender must defend all points; attackers targets the single weakest link
• Defender can only defend against known attacks; attackers can probe for unknown vulnerabilities
• Defender must be constantly vigilant; attackers can strike at will
• Defender must play by the rules; attackers can play dirty
• Attackers can use technology of the future that’s not available to the defender
• Defenders security depends not only on its own investment and effort, but also dependent on the security of others
• • Even if a company proactive on cybersecurity, its partners may not be
  • Attackers are proactive about finding the weakest link in a value chain
  • • i.e., Service providers, suppliers, third party (and fourth party) vendors
  • • e.g., Company A might be secure, so attackers will attack their (less protected) law firm
• Data is becoming less centralized
• • Changing from protecting the data center and its perimeter to…
  • … the actual data itself via access management, DLP, encryption and authentication

Types of Attackers

Class I – Clever Outsiders

• Very intelligent but insufficient knowledge of the system
• Have access to moderately sophisticated equipment
• Take advantage of existing weakness 

Class II – Knowledgeable Insiders

• Substantial specialized technical expertise
• Varying degree of understanding with potential access to most of the system
• Have highly sophisticated tools and analysis instruments

Class III – Funded organization (i.e., Nation states)

• Team of specialists with great funding resources
• Capable of in-depth analysis, designing sophisticated attacks and using the most advanced tools
• They may use Class II adversaries as part of the attack team

Let us help you change your mindset and address cybersecurity