Cyber defense automation is imperative given bad actors, and rogue nations continually use more sophisticated techniques to disrupt and steal vital information from government agencies and companies. Automation is necessary to manage the staggering number of devices and endpoints. Analytics must be integrated with direct policy feedback without requiring human intervention or approval for all responses. Cyber-attacks are automated but still under human direction and control, and therefore cyber defenses must also be automated to have any chance of protecting cyber and digital assets from both the automated attacks and the human element behind those attacks.
Detecting and thwarting attacks and cleaning up the aftermath is a difficult task. Most cyber security systems are neither automated nor integrated. They operate as sets of individual tools which may have aspects of automation incorporated into them. For instance, automating the updating of signature catalogs is necessary but insufficient, as signature-based solutions are reactionary and are unable to detect zero-day and polymorphic attacks. An automated cyber defense system must provide better protection than this.
Read the full version of the whitepaper here, and you will also find information about:
- two key features in the advancement of network security and cyber defense
- securing IoT Devices and traffic between IoT Sensors and Cloud Analytics,
- securing Provisioned Blockchains,
- example applications.
The whitepaper was written by John Hayes, Founder and CTO at BlackRidge Technology and Doug Laird, VP Advanced Development at the same company.