If your administrator can do it, an adversary can do it.

Unknown

The key to an effective cyber resilience strategy

A cyber resilience strategy recognizes that despite organizations' best protection measures, adversaries may succeed in breaching boundary defenses and further compromise a defender’s system.

When this situation occurs, organizations must employ countermeasures to detect, outmaneuver, confuse, deceive, mislead, and impede the adversary—that is, “removing the adversary’s tactical advantage and protecting the organization’s high-value assets.” [1]

To maintain confidence in the trustworthiness of an environment of operation, organizations should implement a continuous cyber resilience assurance cycle, which “is intended to identify where, how, and when cyber resiliency techniques can be applied to improve architectural resiliency against advanced cyber threats” (MITRE [2]). 

The ten abilities that exhibit mastery of well-executed cyber-resilient strategies are: 
  1.  The organization can predict adversary attacks. 
  2.  The organization can prevent adversary attacks. 
  3.  The organization can prepare for adversary attacks. 
  4.  The organization can fight through cyberattacks. 
  5.  The organization can contain or defeat the adversary. 
  6.  The organization can determine damages caused by a cyber adversary. 
  7.  The organization can restore. 
  8.  The organization can determine reliability. 
  9.  The organization can transform existing processes and behavior. 
  10.  The organization can re-architect.

[1] Enhanced Security Requirements for Protecting Controlled Unclassified Information, NIST 800-172
[2] Cyber Resiliency Assessments: Enabling Architectural Improvement
