Chess as cybersecurity strategy.

December 4, 2019 posted by


I always like to use analogies, so here let’s
use a chess board as a way to describe a company’s cybersecurity strategy Now, the security team has already made strategic investments in things like AV, Mobile Device Management, Patch Management, Vulnerability Assessment, and EDR/EPP. All of these pieces are in place to protect
the king, which is corporate information. The security team has spent time, effort,
and dollars selecting each of these tools and has them in place to protect their organization
while they move forward. Like chess, you don’t just place the pieces
and stop, you have to keep moving forward. So despite focusing efforts on being secure, the organization has to let employees do their jobs, and some of the things they do are inherently risky. Imagine that this chess board is one user
and one device. In a company with 50,000 employees there are 50,000 simultaneous chess games happening at any given time. There’s really no way to see every one of
them at once since the games are constantly going on each board is in a different status. Now, you could send an alert every time an
opponent makes a move, but very quickly that starts becoming noise and it takes a lot of effort just to figure out which moves actually require attention. Our thought is that by connecting to all of
the different systems that manage the pieces, we can then see all of the boards and understand
when something isn’t sufficiently protected. By always knowing which devices and users
don’t have the required EDR or are unknown to vulnerability scanners the Axonius platform
can then notify security teams to take action. In many cases it can automate the steps necessary
to ensure proper coverage. With a comprehensive view of all users, devices,
and security solutions, Axonius lets security teams know when things aren’t the way they
want them, and it does so on an ongoing basis.

No Comments

Leave a Comment

Your email address will not be published. Required fields are marked *