Demerara Waves published an article on November 12th, 2017 about a Canada-based Guyanese cyber-security expert that urged an international conference to engage in threat hunting
Nik Alleyne, Senior Manager of Cybersecurity at the Forsythe Solutions Group, urged Chief Information Security (CISOs) to transition from reactive to proactive strategies when handling cyber threats. Nik advised that they should be following up alerts if they want to stay ahead of hackers.
- Nik stated that reactive strategies have failed at the International Cybersecurity and Intelligence Conference held in Toronto.
- His recommendation for information security teams is to preserve Threat Hunting, Predictive Analysis, and their related tools as a baseline for proactive protective measures.
- When security administrators are able to differentiate anomalies present in computer networks, the detection time is reduced considerably.
- It will also be necessary to perform regular vulnerability assessments and penetration tests in order to maintain proactive protection.
- “Organizations have to be proactive”, Nik mentioned in an interview, “both in the way they defend their networks, and more importantly how they detect because obviously prevention mechanisms haven’t done the job we expect them to do.”
- Nik’s advisory for small and medium-sized firms that may not have the resourced to conduct these proactive operations, such as threat hunting should consider outsourcing their security to managed security providers.
- In the occurrence of a breach, He advised that information security professionals should also conduct thorough investigations to understand, when, where, how, and who did it. By effectively tracking incidents, the decision for response becomes clearer.
Contributed by: Jason Jacobs from Guyana. Jason is a member of the CCST Discord group from the G5 Cyber Security Foundation Ltd. Learn more about CCST (Caribbean Cyber Support Team) by visiting caribbeancst.org. CCST is a collaborative group on the Discord platform for Caribbean people in IT, from beginners to experts.