But an end-state security posture is not the end-all. Our security posture must also evolve as cyberspace, hackers, and attack strategies and methodologies evolve. We have seen how technology has developed at a fast clip in the last decade and it will continue to do so in the long haul. During the same period, we also observed that cyber attacks have increased in volume, velocity, and sophistication. A plan is a living document. Following its implementation, the end-state must be monitored, tested, and evaluated, thereafter improved and vulnerabilities corrected, and the plan adjusted. It is a continuous process that will help us refine our security posture and respond to new and evolving threats.
Key to improving our security posture is knowledge.
"Now the reason the enlightened prince and the wise general conquer the enemy whenever they move and their achievements surpass those of ordinary men is foreknowledge."
Mike Rothman pretty much sums it up, "In the Introduction to the Early Warning System series, we talked about the increasing importance of threat intelligence for combating advanced attackers by understanding the tactics they are using right now against our defenses. With this intelligence, combined with information about what's happening in your environment, you can more effectively prioritize your efforts and make better, more efficient use of your limited security resources." (https://securosis.com)
"In respect of military method, we have, firstly, measurement; secondly, estimation of quantity; thirdly, calculation; fourthly, balancing of chances; fifthly, victory. Measurement owes its existence to Earth; estimation of quantity to measurement; calculation to estimation of quantity; balancing of chances to calculation; and victory to balancing of chances."
"Hence in the wise leader's plans, considerations of advantage and of disadvantage will be blended together."
The chief information security officer must be situationally aware of his environment, of resources available at his disposal, of events occurring, and of tactics employed by hackers in order devise the appropriate response to an attack. A continuing flow of threat intelligence information will provide agility and flexibility in adjusting and reconfiguring his team's response.
Cooperation, Collaboration, and Coordination
Global and borderless as cyberspace is, we cannot live in silos as we exert efforts to defend our ICT infrastructure. Sun Tzu suggests:
"In a country where high roads intersect, join hands with your allies."
To further strengthen our security posture, we must work in close partnership with experts outside our organization and with local and international bodies to learn from them. In the face of attacks we or our allies experience, we must respond in the spirit of cooperation, coordination, and collaboration.
"The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable."
Sign up for CIO Asia eNewsletters.