Abstract
The current industry standard for cybersecurity is risk mitigation, which is the identification, evaluation, and categorization of threats that are posed to an organization's network. The goal is to prevent attacks and if an organization is attacked popular standard is to react and remedy the attack. This form of cyber defense isn’t very reassuring to an organization and its users, once an attack is executed based on a study conducted by Booz Allen the average time an advanced persistent threat (APT) dwells on a victims’ network before it’s discovered is 200-250 days. That’s plenty of time for a malicious third party to extract valuable and personal data from an organization's network on its users and the organization. To prevent vulnerabilities like this organizations, need to reevaluate their network security methods and a newly proposed method of cyber defense is a cyber offense. Cyber Offense as a defense is already seen in some organizations but not widely accepted, these forms of offense can include but aren’t limited to threat hunting, red teaming, and ethical hacking.
Document Type
Paper
Disciplines
Information Security
DOI
10.25776/g5cq-2423
Publication Date
2021
Upload File
wf_yes
Included in
Cybersecurity: Building a Better Defense with a Great Offense
The current industry standard for cybersecurity is risk mitigation, which is the identification, evaluation, and categorization of threats that are posed to an organization's network. The goal is to prevent attacks and if an organization is attacked popular standard is to react and remedy the attack. This form of cyber defense isn’t very reassuring to an organization and its users, once an attack is executed based on a study conducted by Booz Allen the average time an advanced persistent threat (APT) dwells on a victims’ network before it’s discovered is 200-250 days. That’s plenty of time for a malicious third party to extract valuable and personal data from an organization's network on its users and the organization. To prevent vulnerabilities like this organizations, need to reevaluate their network security methods and a newly proposed method of cyber defense is a cyber offense. Cyber Offense as a defense is already seen in some organizations but not widely accepted, these forms of offense can include but aren’t limited to threat hunting, red teaming, and ethical hacking.