Abstract

The current industry standard for cybersecurity is risk mitigation, which is the identification, evaluation, and categorization of threats that are posed to an organization's network. The goal is to prevent attacks and if an organization is attacked popular standard is to react and remedy the attack. This form of cyber defense isn’t very reassuring to an organization and its users, once an attack is executed based on a study conducted by Booz Allen the average time an advanced persistent threat (APT) dwells on a victims’ network before it’s discovered is 200-250 days. That’s plenty of time for a malicious third party to extract valuable and personal data from an organization's network on its users and the organization. To prevent vulnerabilities like this organizations, need to reevaluate their network security methods and a newly proposed method of cyber defense is a cyber offense. Cyber Offense as a defense is already seen in some organizations but not widely accepted, these forms of offense can include but aren’t limited to threat hunting, red teaming, and ethical hacking.

Document Type

Paper

Disciplines

Information Security

DOI

10.25776/g5cq-2423

Publication Date

2021

Upload File

wf_yes

Share

COinS
 

Cybersecurity: Building a Better Defense with a Great Offense

The current industry standard for cybersecurity is risk mitigation, which is the identification, evaluation, and categorization of threats that are posed to an organization's network. The goal is to prevent attacks and if an organization is attacked popular standard is to react and remedy the attack. This form of cyber defense isn’t very reassuring to an organization and its users, once an attack is executed based on a study conducted by Booz Allen the average time an advanced persistent threat (APT) dwells on a victims’ network before it’s discovered is 200-250 days. That’s plenty of time for a malicious third party to extract valuable and personal data from an organization's network on its users and the organization. To prevent vulnerabilities like this organizations, need to reevaluate their network security methods and a newly proposed method of cyber defense is a cyber offense. Cyber Offense as a defense is already seen in some organizations but not widely accepted, these forms of offense can include but aren’t limited to threat hunting, red teaming, and ethical hacking.