{"id":31949,"date":"2019-12-25T14:42:06","date_gmt":"2019-12-25T19:42:06","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?post_type=emagazine&#038;p=31949"},"modified":"2021-07-27T08:18:41","modified_gmt":"2021-07-27T12:18:41","slug":"cyberthreats-physical-stronghold","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/cyberthreats-physical-stronghold\/31949\/","title":{"rendered":"Whether protecting the physical or the cyber world, savvy security works the same way"},"content":{"rendered":"<p>There\u2019s not much difference between an advanced cyberattack and a thief breaking into your company\u2019s premises.<\/p>\n<p>A corporate building has a fence, entrances, corridors, offices and server rooms. IT infrastructure is similar, only here we have a network, workstations, servers, virtual machines and so on. If someone wants to steal from, spy on or disrupt a business, they must sneak into its territory or its network. Judging by the massive security breaches that have dominated the headlines in the past year, attackers favor the latter these days.<\/p><blockquote><p>While large businesses usually see protection from physical threats such as trespass, industrial espionage or armed assault as essential, the need for defense against advanced cyberthreats is not always so obvious.<\/p>\n<\/blockquote>\n<p>Fighting targeted cyberattacks has a lot in common with physical protection. Let\u2019s consider the three fundamental principles for dealing with a physical breach, and see how these can improve a company\u2019s cyber defenses.<\/p>\n<h2>1.\u00a0\u00a0\u00a0 Realize you\u2019re under attack<\/h2>\n<p>Before dealing with any attack, you need to <em>know<\/em> you\u2019re under attack. That means noticing suspicious activity and linking it to a plot.<\/p>\n<p>Let\u2019s say you\u2019re at the office late in the evening, and the alarm system goes off on the second floor. 
A security officer goes to find out what\u2019s wrong. At the same time, a pizza delivery person arrives and hands a pizza over to someone from accounting, gets their money and leaves.<\/p>\n<p>That\u2019s all perfectly normal, but if you look closer, you may notice a string of coincidences. The alarm went off at about the same time a few days ago, accountants (unlike IT staff) don\u2019t typically order pizza, and this one usually complains about gluten intolerance. Putting these clues together, a perceptive security officer might ask some questions.<\/p>\n<p>The same principle applies to detecting cyberattacks. Separate activities inside the network might not, at face value, show an organization is under attack. But look at the bigger picture, and it might suddenly seem critical to investigate. <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/threat-management-defense-solution\" target=\"_blank\" rel=\"noopener nofollow\">Threat management and defense<\/a> does just that: it automatically detects and flags malicious patterns behind separate, simpler, seemingly unrelated activities in the network.<\/p>\n<h2>2.\u00a0\u00a0\u00a0\u00a0 Start investigating<\/h2>\n<p>Coming back to our mystery pizza scenario, to begin investigations, the security officer could go to the camera room and look through the recordings. She would know there are smart cameras all around, letting her see any corner of the office at any time, and the records can\u2019t be erased.<\/p>\n<p>On the footage, the security officer sees the pizza delivery person jumped out of a black minivan\u2026 not the usual vehicle for pizza delivery, right? 
The gluten-intolerant accountant didn\u2019t order a pizza; he ordered spy equipment that he\u2019s planning to plant under the CEO\u2019s desk.<\/p>\n<p>Like smart cameras, <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/anti-targeted-attack-platform\" target=\"_blank\" rel=\"noopener nofollow\">anti-targeted attack software<\/a> reviews network traffic for security purposes. <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/endpoint-detection-response-edr\" target=\"_blank\" rel=\"noopener nofollow\">Endpoint Detection and Response<\/a> (EDR) software watches for cyber-threats too. It sees what\u2019s going on at end-user devices (desktops, laptops, mobile devices) and gives the retrospective data needed for an investigation, even when devices are compromised, or when cybercriminals have destroyed or encrypted data to cover their tracks.<\/p>\n<h2>3.\u00a0\u00a0\u00a0\u00a0 Know where to look<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter size-large wp-image-31952\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2019\/12\/25143833\/081_cyberthreats_as_a_physical_stronghold-_finish-inline-1-1024x576.png\" alt=\"cyberthreats as a physical stronghold\" width=\"1024\" height=\"576\"><br>\n<\/p><blockquote><p>Whether investigating physical or cyber-breaches, expertise and intelligence are the most valuable assets.<\/p>\n<\/blockquote>\n<p>To spot the right things at the right time, you need to know where to look. That\u2019s why it\u2019s so crucial that security teams in large corporations get the right training and experience.<\/p>\n<p>There\u2019s also information. Access to police reports and databases is helpful in physical corporate security. 
In the scenario I\u2019ve described, the security guard could run the minivan license plate numbers through the police system to see if it\u2019s been stolen or used in similar operations.<\/p>\n<p>And once again, the same applies to investigating cybersecurity incidents. You can use <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/threat-intelligence\" target=\"_blank\" rel=\"noopener nofollow\">threat intelligence data<\/a> tailored to your industry or location, and you can get <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/cyber-security-training\" target=\"_blank\" rel=\"noopener nofollow\">specialized training for your IT security team<\/a>; you can even <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/managed-detection-and-response\" target=\"_blank\" rel=\"noopener nofollow\">outsource cyberthreat protection to an experienced third party<\/a>.<\/p>\n<h2>Build your cyber fortress<\/h2>\n<p>We\u2019ve seen that in many respects, you can use the basics of protecting your premises when building your cyber fortress.<\/p>\n<p>With these solutions and services combined, your teams will get ahead of the cybersecurity agenda. You will always have the answer to even the most advanced attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Defending against advanced cyberthreats is the same, in many ways, as defending buildings. 
Here\u2019s why.<\/p>\n","protected":false},"author":2545,"featured_media":31956,"template":"","coauthors":[3605],"class_list":{"0":"post-31949","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-cybersecurity","7":"emagazine-category-scale-your-business-business","8":"emagazine-tag-cyberattacks"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/cyberthreats-physical-stronghold\/31949\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/secure-futures-magazine\/cyberthreats-physical-stronghold\/21830\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/31949","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2545"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/31956"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=31949"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=31949"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}