Foundational steps to implement situational awareness

Foundational steps to implement situational awareness

  • 1Evaluate risk and business impact

  • 2Think like your adversary

  • 3 Adopt attack resistant practices

Evaluate risk and business impact

Not all business workflows and processes are created equal. Some are more critical than others.

Weigh in what matters the most to business for running day-to-day operations – think about what an adversary would like to go after and secure those very high-value assets (HVAs) first.

Think like your adversary

Your threat intel feed could be informing you of many potential zero-day attacks. But are all of them relevant to you? No. Besides, there could be numerous pathways to your networks and system, growing every day. Do you need to protect all of them? No.

Instead of analyzing each threat and trying to protect as many assets as you can, think like your adversary. Look at the possible high-value assets (HVAs) and map all the connections leading to it, and secure for it.

 Adopt attack resistant practices

Setting up a systemic manner where your team critically evaluates risk to specific assets prepares them better to understand, predict, and respond to threats. For example, a Tier 1 asset should be secured and evaluated first, followed by Tier 2 assets.

Additionally, measuring the Time to Compromise (TTC)the amount of time/effort likely to be expended by your adversary to compromise your HVAs, puts time by your side.  

Learn more about all this and more in this whitepaper prepared for Netenrich Inc. by EMA (Enterprise Management Associates).

1

Evaluate risk and business impact

Evaluate risk and business impact

Cybersecurity is the second highest risk for the enterprise after compliance, driving many boards of directors to improve core oversight activities. Boardroom discussions are beginning to address larger strategic questions like, “Is what we’re doing with security aligned with our goals for the business?”

2

Think like your adversary

Think like your adversary

Your threat intel feed could be informing you of many potential zero-day attacks. But are all of them relevant to you? No. Besides, there could be numerous pathways to your networks and system, growing every day. Do you need to protect all of them? No. 

Instead of analyzing each threat and trying to protect as many assets as you can, think like your adversary. Look at the possible high-value assets (HVAs) and map all the connections leading to it, and secure for it.

3

Adopt attack resistant practices

 Adopt attack resistant practices

Setting up a systemic manner where your team critically evaluates risk to specific assets prepares them better to understand, predict, and respond to threats. For example, a Tier 1 asset should be secured and evaluated first, followed by Tier 2 assets.

Learn more about this and more in this whitepaper prepared for Netenrich Inc. by EMA (Enterprise Management Associates).

Additionally, measuring the Time to Compromise (TTC) – the amount of time/effort likely to be expended by your adversary to compromise your HVAs), puts time by your side.

Download free whitepaper

How to achieve situational awareness with Netenrich for risk-aligned security

Situational awareness, though the ideal, is not easy to achieve.

It requires mapping all the resources, processes, and tools to what matters the most to a business to align and correlate it with vulnerabilities and pathways of compromises.

Doing so makes the security more proactive and predictive, but it requires attaining security and operational maturity. Netenrich helps you embrace situational awareness and helps organizations achieve their security goals by aligning it with business risk.

Get free access to whitepaper!

Learn the foundational steps required to implement a situational awareness approach to your security operations.