Many in Cyber Security tend to focus on the security event (the “Boom”) and mitigating the impact after (to the right of) the Boom. To build true Cyber Resiliency, we need to spend as much, if not more, time to the left of Boom, building the processes for responding to the Boom or better yet, the protections necessary to prevent them.
The best response is the one that avoids the Boom in the first place. A new twist in this discussion is whether the Boom is a single big event or a series of small Booms meant to be less detectable. In a recent interview with US Navy Cyber Operations Command, they stated they now assume that threat actors are already inside their systems and plan accordingly.
This means a continuous process of search and destruction working both to the left and right of a series of small Booms.
Let us know what you think: