Your cybersecurity mission: To defend from within

Traditional network security and endpoint security have failed. 

One result has been the growing threat coming from cyber cartels with a simple modus operandi: Infiltrate the corporate environment via application attacks or application programming interface (API) attacks, and then use access to the environment to penetrate the systems of your customer base in what’s known as island hopping. 

When thinking about island hopping,  think SolarWinds or Kaseya: Both were victims of historic supply-chain attacks that spread to the two companies’ clients. Island hopping is a form of attack through which malicious cyber actors infiltrate organizations’ third-party partners, using them as access points from which to worm their way into a primary target’s network. Island hopping enables attackers to circumvent their primary target’s defenses by exploiting the networks of partners that are already trusted enough by the company that they’ve been granted network access. 

We need a strategy to combat these attackers head-on. That’s why Code Patrol sat down with Contrast's own Senior Vice President of Cyber Strategy Tom Kellermann to talk about how organizations must ensure that they're not only prepared to detect and report attacks, but that they’re also prepared to defend from within. 

We must accept that malicious actors will get into the environment. To prevent escalation, we must act. We must suppress these campaigns. We need to embrace the construct of intrusion suppression. We must treat each vulnerability as a potential attack. Continuous monitoring must extend to development, as context is paramount. 

It’s time we awaken to the stark reality that 100% prevention is impossible.  

Tom speaks from a wealth of experience defending the nation’s cybersecurity. He’s the former  head of cybersecurity strategy for VMware and chief cybersecurity officer for Carbon Black, before which he served on the Cyber Investigations Advisory Board for the U.S. Secret Service. In 2008, he was appointed to serve as a commissioner on the Commission on Cybersecurity for the 44th president of the United States. 

It’s time to gear up to defend from within, Tom says. “The game has really changed in today's world,” he says, and he should know:  Being deeply embedded in national security has led to death threats from Vladimir Putin’s oligarchs and minions. “The adversary  now doesn't want to just burglarize your home. They want to conduct a home invasion during Thanksgiving,” he says.

Or Christmas? Or Diwali? Or New Years, Hanukkah or fill-in-the-blank? 

Be prepared. Find out what “defend from within” entails and why you should care: Have a listen to the podcast.