Digital Ghosting, The Third Step in Breach Readiness

You are right. I haven’t published the first and second steps yet, but this seemed more pertinent and urgent because these days it’s not a matter of if your organization will face a cyberattack, but when. Yet, many corporate boards still treat breach readiness for digital resilience as a technical side issue rather than a core priority.

I am Agni, a Cyber Defense Evangelist at ColorTokens, and this article is part of a series where I elaborate on how enterprises can assure their stakeholders that they are prepared to face cyberattacks. I intend to share more about breach readiness in later posts. So, without much ado, here is how digital ghosting contributes to digital operational resilience.

As the industry struggles to contain the continuously increasing number of cyberattacks, despite increased investments in cybersecurity, more and more enterprises are beginning to focus on the value of cyber defense capabilities to #bebreachready when building resilience in digital operations. As cyber defense takes center stage, digital ghosting is evolving as a breach readiness strategy (with associated tactics and techniques) to obscure the traces of digital systems by focusing on stealth, evasion, and denying access to critical digital systems.

This obscurity makes detection and attribution difficult, giving credence to the philosophy of “you cannot attack what you cannot see,” which improves deterrence and discourages cyber attackers. Making systems inaccessible is not new; it has always been possible, but it was never an objective to achieve when designing a breach-ready posture. Digital ghosting requires careful planning and a powerful software capability to obfuscate digital systems. However, with advancements in microsegmentation technology, what looked until now like a complex and time-consuming problem is something modern tools make easy.

It is now possible to achieve digital ghosting within days by progressively reducing inward and outward communications from each digital system. This means that modern and informed cyber leaders and boards now have the option to utilize proactive denial as a foundational technique to render systems inaccessible to attackers while addressing the expectations of authorized users to access applications and other digital systems, particularly for critical digital systems.

However, such techniques require enterprises to document how digital systems interact with each other and with external systems at data centers, the network edge, cloud platforms, and industrial systems (OT, ICS, CPS, IIoT, IoMD, etc.). Most farsighted and agile CISOs are adopting these mechanisms to anticipate and contain cyberattacks by using modern panoptic visualization capabilities in microsegmentation tools. Because such tools focus on breach readiness, security teams would not only know which digital systems across the enterprise are more critical to maintaining a Minimum Viable Digital Business than others, but they would also learn which of these interactions are riskier than others.

This helps cybersecurity leaders develop a digital ghosting plan, ensuring the availability of critical digital systems for authorized users when needed. The plan also ensures that digital systems are obscured from other systems and users based on specific triggers from the digitally connected enterprise. It is this feature that acts as a deterrent against potential cyberattacks, because suddenly vulnerable systems are digitally “ghosted”, thereby hardening the digital enterprise.

As I mentioned earlier, this is the third step when building a breach-ready capability. The Mission-Critical Assurance by Zero-Trust Enforcement program includes Step 1, establishing the baseline context of digital business; Step 2, modeling cyber defense and building playbooks; and many others.

More details are underway. Stay tuned and follow me on LinkedIn.

This article was originally published on Medium.