3. Move beyond the penetration test -- leverage red teams. There is a big difference between red team actions and penetration test results. A red team will take a system down when and where it really matters to the business, whereas a pentest will pretty much only point out that "there is a vulnerability that needs to be fixed."
Organizations that truly care about securing their environments should make a concerted effort to move from traditional pentests to security programs that incorporate red teams. They need to figure out what the real vulnerabilities are within their environments. "Shake it and make it bleed. ... break it and own it," says Marcus.
4. Have an extensive internal CERT team. It is important to bring in trusted security partners and solution providers that an organization already relies on for protection technology. Marcus says, "Don't just view your vendor as the AV DAT guys -- they know a lot about malware and other attack methods. Leverage their knowledge, expertise, and manpower."
5. Establish partnerships for information sharing. The next big boom in cybersecurity will surround intelligence and attribution. It will be critical for organizations not only to detect that they are under attack, but also to know who wrote the attack so that the authorities can then locate the source behind the attack.
Information is golden, though many organizations fail to use the information they (and their adversaries) have available. It is clear that a strong cyber-defense can be gained from leveraging open source intelligence. This raises the question: when was the last time your organization checked to see what the public knows about your environment?
Sean Martin is a CISSP and the founder of imsmartin consulting. Write him at email@example.com.