The primary objective of any organization’s security team is to reduce the risks involved in their processes. ISO-31000 standard defines risk as “the effect of uncertainty on the possibility of achieving the organization’s objective”. Lots of uncertainty there, right? Every organization is in search of the most effective yet affordable ways to manage risk. This blog talks about one of those “effective & affordable” ways: Moving Target Defense.
Moving Target Defense (MTD) strategies reduce the risk of a thoroughly planned attack because of its dynamic nature. With a continuous and dynamically changing attack surface, the difficulty of the attack goes up with time. Attackers are forced to spend a lot of time and resources on monitoring and assessing a changing attack surface for an indefinite period of time. It also minimizes the risk of data leakage as we can make sure that data in motion can take different routes through a system and data at rest can be shifted frequently.
MTD strategies considerably reduce the inevitable risk incurred in expanding or scaling the organization. In a static scenario, expansion of an organization invites more attacks as there’s a greater possibility of a vulnerability left exposed. While in the case of a dynamic security system, the asymmetric disadvantage imposed on an attacker increases. Hence, moving target strategies increase system entropy and efficiency over time and scale.
In the MTD approach, we do not focus on finding the attacker for blocking/mitigating an attack, instead, we focus on increasing the difficulty of the attack by changing the attack surface or dodging the attacks. Hence, reducing the possibility of any collateral risk associated with finding the attacker ourselves. These strategies not only work well with a known environment, but also in untrusted environments and networks where implementing usual security defenses might not be handy.
Apart from all these areas where MTD strategies reduce risk, they’re also a gratuity for your business as they increase the worth of existing controls and methods since it uses orchestration technique. Speaking in a simplified way, if an endpoint is exploited, shift the attack surface there, or if your cryptographic key is stolen, move your data and change the key. Hence, providing the best return on investment for your security controls without needing extra implementations. Win-win!
Moving Target Defense strategy has changed the face of cyber security in organizations. It is imperative for the Chief Information Security Officer (CISO) to consider allocating a budget for moving target defenses in their organizations. As the technology is evolving, it has made it possible for ihe smaller enterprises too, to leverage the benefits of moving target strategies into their security frameworks. It is a holistic approach towards a modern proactive information security management system, when compared to a passive approach towards risk management. Infopercept has been a pro active and keen participant in the field of cybersecurity. The Security Optimization Center (SOC) team at Infopercept not only ensures collecting of data logs and analyzing the threats but effectively acts upon it to minimize the damage to the organization’s infrastructure, and reduce the risks.