Cyber Defense Tips to Rival the NSA

  • added 25. 07. 2024
  • Cyber defense is much more than security. “Security” can be misleading since it encourages people to think in terms of secure or insecure. This way of thinking leads to an overemphasis on preventative measures. Just like the human body, you need many more layers than that. A good cyber defense will also focus on deception, detection, and response in addition to prevention. In this video, we cover the four most important principles of cyber defense.
    #1 Security Architecture:
    You can’t defend what you can’t see. It’s really hard to build strong cyber defenses if the foundations aren’t sound. Security architecture is about improving visibility in the network through segmentation. You also want to maintain a good asset inventory and map so you can quickly identify what’s even there. Implementing policies like blocking removable media or blocking protocols is also architectural in nature.
    #2 Security Monitoring:
    Every asset connected to the network needs to generate telemetry. This gives you visibility into the activity occurring on them. Network traffic itself should also be sent to an IDS sensor like Snort or Zeek to generate security data from it. These logs should be aggregated and synced to a centralized location for monitoring. A team of analysts can build systems to detect and alert on anything anomalous. This team serves as the backbone of the network’s cyber defense.
    #3 Implement Choke Points:
    For effective security monitoring, it’s key to limit the paths devices can communicate on. Blocking outbound traffic by default is the best way to do this. What is allowed to traverse the network then needs closer inspection. The best way to do this is to force clients to use a local DNS resolver or web proxy to access the Internet. Any traffic not destined for these inspection points is automatically suspect. What does go through can then be analyzed against blocklists or a reputation scoring service. Choke points not only restrict an attacker’s maneuverability but also make it easier to conduct proper cyber defense.
    #4 Harden Systems with a Security Baseline:
    Systems running default configurations are highly vulnerable to generalized attacks. Deploying a security baseline on your assets ensures a consistent level of hardening against them. It also helps with managing configuration changes on your network. Authorities like CIS, NIST, and DISA, as well as vendors, provide recommendations for different types of systems, including operating systems, applications, phones, and network appliances. They also offer ways to apply baselines automatically, whether through scripts, Group Policy Objects, or Ansible playbooks.
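The check described under #3 (outbound traffic that does not go through the local DNS resolver or web proxy is suspect), as an added example that is not from the video or its author. It classifies simplified, constructed flow records; the addresses, ports and the `classify` / `find_bypasses` names are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Assumed site layout (hypothetical addresses, not from the video).
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
RESOLVER = ipaddress.ip_address("10.0.0.53")  # local DNS resolver
PROXY = ipaddress.ip_address("10.0.0.80")     # web proxy
EGRESS_ALLOWED = {  # outbound (proto, port) each inspection point may use
    RESOLVER: {("udp", 53), ("tcp", 53)},
    PROXY: {("tcp", 80), ("tcp", 443)},
}

# Constructed sample flows: ts, src, dst, dst_port, proto (tab-separated).
SAMPLE_LOG = """\
1700000000.1\t10.1.2.10\t10.0.0.53\t53\tudp
1700000001.2\t10.1.2.10\t10.0.0.80\t3128\ttcp
1700000002.3\t10.0.0.53\t198.51.100.7\t53\tudp
1700000003.4\t10.0.0.80\t203.0.113.20\t443\ttcp
1700000004.5\t10.1.2.44\t198.51.100.8\t53\tudp
1700000005.6\t10.1.2.44\t203.0.113.99\t8443\ttcp
1700000006.7\t10.1.3.7\t203.0.113.99\t443\ttcp
1700000007.8\t10.0.0.80\t203.0.113.5\t22\ttcp
"""

def classify(src, dst, port, proto):
    """Return None for expected traffic, else a short reason string."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src not in INTERNAL or dst in INTERNAL:
        return None  # only egress from internal hosts is judged here
    allowed = EGRESS_ALLOWED.get(src)
    if allowed is not None:
        # Inspection points may go outbound only on their own service ports.
        return None if (proto, port) in allowed else "choke-point-unexpected-port"
    if port == 53:
        return "dns-bypass"    # client skipped the local resolver
    if port in (80, 443):
        return "proxy-bypass"  # client skipped the web proxy
    return "direct-egress"     # any other traffic leaving directly

def find_bypasses(log_text):
    """Return (alerts, alert count per source) for a tab-separated flow log."""
    alerts, per_src = [], Counter()
    for line in log_text.splitlines():
        fields = line.split("\t")
        if line.startswith("#") or len(fields) != 5:
            continue  # header, blank or malformed record
        ts, src, dst, port, proto = fields
        try:
            reason = classify(src, dst, int(port), proto)
            ts = float(ts)
        except ValueError:
            continue  # unparsable address, port or timestamp
        if reason:
            alerts.append((ts, src, dst, int(port), reason))
            per_src[src] += 1
    return alerts, per_src

if __name__ == "__main__":
    print(*find_bypasses(SAMPLE_LOG)[0], sep="\n")
```

With default-deny egress in place these flows would be blocked at the firewall; the same classification then applies to the firewall's deny log and shows which clients are attempting to bypass the inspection points.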
    00:00 Intro: How to Improve Cyber Defense For Your Network
    01:11 The Biggest Misconception in Cyber Security
    02:52 Traditional v. Modern Cyber Defense
    05:02 Security Architecture & Building a Defensible Network
    07:44 Principles of Security Monitoring: Assets & Endpoints
    09:40 Create Choke Points In Your Network For Inspection
    12:11 Collect Traffic With Network Security Monitoring
    14:13 Hardening Systems with a Security Baseline
    16:52 Strategies for Implementing Your Cyber Defenses
    ---- Resources ----
    Rob Joyce’s talk at USENIX Enigma 2016:
    • USENIX Enigma 2016 - N...
    #CyberDefense #DFIR #Cyberspatial
  • Science and technology

Comments • 130

  • @Cyberspatial
    @Cyberspatial  3 years ago +19

    What do you think are the most important aspects of a good cyber defense?

    • @MrFontaineInc
      @MrFontaineInc 3 years ago +2

      Active Threat hunting and analysis
      Asset management and situational awareness
      Incident response and architecture
      Risk management framework with a solid cost benefit analysis to help an organization select the most effective controls for their type of information asset and risk appetite

    • @nonav5763
      @nonav5763 3 years ago +4

      Turn your fuckin Internet off

    • @vishalshakya7033
      @vishalshakya7033 3 years ago

      backup all data logs

    • @yangdave611
      @yangdave611 3 years ago +1

      Layers, layers, layers...

    • @Africalearn
      @Africalearn 3 years ago

      people training awareness and crypto strategist on usage on critical assets

  • @justindittburner216
    @justindittburner216 3 years ago +53

    The quality of your videos is so far above most YouTubers that have millions of subscribers and an unlimited budget. Keep up the great work! Best cyber sec channel for sure!

    • @Cyberspatial
      @Cyberspatial  3 years ago +5

      Really appreciate the kind words. Thank You!

    • @Squarabh2
      @Squarabh2 2 years ago +1

      Totally agree with you! I'm glad I found this channel.

    • @mrkingmez
      @mrkingmez 2 years ago +1

      Agreed

  • @rayancrasta7460
    @rayancrasta7460 3 years ago +34

    We really appreciate such high quality videos ❤️

  • @sagnik8760
    @sagnik8760 3 years ago +6

    Just luv dis Video Dude , Literally no-one talked about Cyber Defense till now...except u

  • @dencam
    @dencam 3 years ago +7

    I appreciate the amount of effort and energy you put to produce these videos.

  • @mr_o47
    @mr_o47 3 years ago +2

    I don’t usually watch full videos but yours was an exception.
    Definitely loved the content delivery please never stop making this content

  • @wannabedal-adx458
    @wannabedal-adx458 1 year ago +1

    Dude, this was like 6 months of Cyber Defense training in 18 minutes. Thanks!! (Subscribed)

  • @TRADERSFRIEND
    @TRADERSFRIEND 1 year ago +1

    You are addictive this morning, thank you for sharing your brilliance!!!!

  • @Francois-B-Arthanas
    @Francois-B-Arthanas 3 years ago +7

    Sounds like you’ve taken some of the SANS courses! - Great content!!!!

  • @zackarysilva1618
    @zackarysilva1618 3 years ago

    Your editing is just stellar, really- since I started watching these videos I also can't help but wonder where you work. They must be lucky!

  • @liesdamnlies3372
    @liesdamnlies3372 3 years ago +3

    When it comes to knowing oneself, I prefer this quote from the game Alpha Centauri:
    “Information, the first principle of warfare, must form the foundation of all your efforts. Know, of course, thine enemy. But in knowing him do not forget above all to know thyself. The commander who embraces this totality of battle shall win even with the inferior force.”
    -Spartan Battle Manual
    I’m a total nerd, yes, but this is especially relevant to anyone trying to defend their organization from threat actors with superior resources (such as foreign states, which may be trying to infiltrate your networks and even your physical building to conduct espionage; I’m sure Boston Dynamics, for example, has these concerns).
    Of course I’m not discounting Sun Tzu. The Art of War is a fantastic book on how to deal with conflict. A great deal of it though is about diplomacy and _avoiding_ direct conflict through shrewd statesmanship and subterfuge. I’m not sure those parts are terribly relevant to cybersecurity, since we’re basically in a state of constant, open warfare at this point.

    • @Cyberspatial
      @Cyberspatial  3 years ago

      Excellent points! And I love nerding out!
      The idea of deception, diplomacy, and avoiding conflict is probably the heart and soul of AoW.
      Recommend reading Unrestricted Warfare, one of the first books discussing cyber warfare as a lateral alternative to kinetic warfare. Can avoid violence through informational means.
      Though from your perspective of avoiding cyber conflict, maybe the way to win is to respond in the kinetic.
      www.cyberscoop.com/hamas-cyberattack-israel-air-strikes/
      Thanks for sharing!

    • @liesdamnlies3372
      @liesdamnlies3372 3 years ago

      @Cyberspatial Thanks. I'll definitely be looking those up...in between the studying for certs omg my brain ow

  • @robertcrier3551
    @robertcrier3551 3 years ago +3

    Man I wish I could put a ring on your channel. You have amazing content and I don't stress that enough!!! I always recommend this channel to people who take interest in cyber security. This is gold for nerds haha

  • @alfonso5645
    @alfonso5645 3 years ago +5

    This is such a good editing!

  • @nicolo2984
    @nicolo2984 3 years ago +3

    1 Day the NSA, CIA or the Homeland security will Hire this Man

  • @coldheat7373
    @coldheat7373 3 years ago +1

    This is one of your most useful videos yet. Thanks!

  • @noharmintended9691
    @noharmintended9691 3 years ago

    This channel is really a hidden gem, subscribed and if i can do it 1000 times more i would do that.

  • @skipinkoreaable
    @skipinkoreaable 2 years ago +1

    What a brilliant video.

  • @siddheshghag5889
    @siddheshghag5889 3 years ago +3

    Excellent information with great example really good learning curve. Thanks and appreciate it.

  • @allsortsofstones
    @allsortsofstones 2 years ago +1

    Very intelligent! Definitely an Expert!

  • @HouseJunk1e
    @HouseJunk1e 3 years ago

    This channel is magnificent. Thank you.

  • @rrigaud88
    @rrigaud88 3 years ago +2

    Great video - you make a complex topic easy to digest

  • @chris8206
    @chris8206 3 years ago +1

    Awesome video with so much research

  • @bhargavyagnik3762
    @bhargavyagnik3762 3 years ago +1

    So smooth and pretty neat 👏🏻

  • @user-es1xd1zk4t
    @user-es1xd1zk4t 3 years ago +2

    Great Video as always

  • @rogerioabreu3081
    @rogerioabreu3081 3 years ago +1

    Awesome Video!!!!!!!

  • @classicCyber
    @classicCyber 2 years ago

    Waow that was very dense in information. Thanks man

  • @justabyte3157
    @justabyte3157 2 years ago

    PRO TIP: for people new in cyber security like me, watch on 0.5x or 0.75x to be able to digest all of this amazing information.

  • @YannMetalhead
    @YannMetalhead 1 year ago

    Good video.

  • @jonathantant9611
    @jonathantant9611 3 years ago +1

    Highest of quality 🙌

  • @spongebobtechnologies9170

    THANKS A LOT FOR THE EDUCATIVE LESSON

  • @patsyflanagan7178
    @patsyflanagan7178 11 months ago

    Brilliant

  • @akshayithape823
    @akshayithape823 3 years ago

    Worth information 🙌

  • @aiheyuer8627
    @aiheyuer8627 3 years ago

    I hardly understand your video content but I know it's really awesome to those who do. LOL

  • @sawyerschneider4733
    @sawyerschneider4733 3 years ago +1

    I'm still in high school, and I have an insurmountable amount of interest and curiosity when it comes to cybersecurity, and I'm very interested in pursuing it as my career, especially once I have completed high school. This begs the question, where do I start? What are some methods of education and self-education? And how do I maintain a consistently high amount of motivation when learning? I have no idea what path to take in order to start, as well as how to continue down it once I take it. Knowing this information would be a tremendous help. Thanks in advance!

    • @Cyberspatial
      @Cyberspatial  3 years ago +2

      Thanks for the questions!
      - Definitely start now and not later.
      - Start by reading books or PDFs recommended by the community.
      - Find a mentor by trying to add value to them first
      - If no mentor, find a learning buddy. Iron sharpens iron.
      - Community college classes are a great way to meet people and learn on the cheap.
      - Don't force yourself to learn things that don't interest you. It's okay to bounce around fields in the discovery phase.
      - Build a home lab
      - Build relationships with people you meet who are already in the field.

    • @sawyerschneider4733
      @sawyerschneider4733 3 years ago +1

      @Cyberspatial Great, thanks for responding. Just a few questions:
      1. Are there any books that you yourself would recommend?
      2. What do you mean by "mentor," and how exactly do I find one?
      3. How would I go about putting myself out there in the community?

  • @eddy274
    @eddy274 3 years ago

    Appreciate the great vids, just wanted to ask your opinion on how much networking experience should I get before becoming a pen tester? Like should I do a few years as a network engineer first?

    • @Cyberspatial
      @Cyberspatial  3 years ago +1

      You can learn pentesting now, though having a year or two of networking, especially LINUX networking will be tremendously helpful.

    • @eddy274
      @eddy274 3 years ago

      Thanks 👍

  • @DisciplineUnleashed24
    @DisciplineUnleashed24 3 years ago

    Hi
    Can you please make more videos about cybersecurity and network. I have been following you for long time and I really love all of your videos, so please more videos.

  • @abdullahnadeem1823
    @abdullahnadeem1823 2 years ago +1

    What wallpaper are you using that is displayed on the monitor, would love to have it. Thanks

  • @AH-by4zz
    @AH-by4zz 3 years ago

    Please upload a video on Pegasus

  • @vishalshakya7033
    @vishalshakya7033 3 years ago

    u r awsssm bro

  • @mabiaakter494
    @mabiaakter494 3 years ago +1

    Your contents are really awesome. But, I feel like you cover a lot in a day, can you suggest from where one can start cybersecurity?

  • @rogerioabreu3081
    @rogerioabreu3081 3 years ago +2

    8:42 SIEM stands for Security INFORMATION and Event Management. Not Incident.

    • @Cyberspatial
      @Cyberspatial  3 years ago +3

      Good catch 👍 I've seen it both ways before, but Information is right.

  • @Hybridious
    @Hybridious 2 years ago +2

    If you're developing your cyber security arsenal just remember the less you have to code the better. You shouldn't reinvent the wheel because of ego or DIY attitude. Because open source tools are freely available and have been developed for similar tasks. It's better to modify their source at most or make a plugin for it. You should only really need to write configs and simple utils.

  • @abovethehorizon2023
    @abovethehorizon2023 3 years ago

    Great content. Thanks. Can you suggest me tool to monitor network bandwidth and traffic for an organisation?

    • @thorchris7353
      @thorchris7353 3 years ago +2

      Netcrunch, splunk, logic monitor and Wireshark; these are tools to use in GUI mode, no need to code. I am a security analyst google

    • @Cyberspatial
      @Cyberspatial  3 years ago +1

      ntop-ng

  • @kristopherleslie8343
    @kristopherleslie8343 1 year ago

    Still good video ❤

  • @nord4471
    @nord4471 2 years ago

    Everyone hit the nail on the head, adding comments to feed the yt algorithm

  • @mbookus3054
    @mbookus3054 3 years ago

    >watching these even though I know nothing about networking and am not setting up security networks for any businesses

  • @kristopherleslie8343
    @kristopherleslie8343 1 year ago

    Cyber defense is exhausting 😂❤❤ but seems fun

  • @pratik2998
    @pratik2998 3 years ago +1

    Hey. Can you please make a video on best books to read according to you. For IT in general? Like your top ten or top twenty list for the best books?

    • @Cyberspatial
      @Cyberspatial  3 years ago

      That's a great idea, like a series of book reviews?

    • @pratik2998
      @pratik2998 3 years ago

      @Cyberspatial yes something like that. I'm new to the IT industry and it's difficult to figure out which books to refer to. So u could help us filter out the most important books of all time. I saw in one of your videos you said read books a lot.

  • @synack2165
    @synack2165 3 years ago

    Where did you find the video of the girl juggling @1:33? She looks so familiar.

    • @Cyberspatial
      @Cyberspatial  3 years ago +1

      Actors appear in lots of different stock footages. You may have seen her in another one.

  • @monkeydono
    @monkeydono 2 years ago

    Hello, is anyone able to share the NIST publication?
    I've been searching for it but with no luck.
    I'm studying cybersecurity so I'm making a research. This video is very helpful, thanks!

    • @monkeydono
      @monkeydono 2 years ago

      I've found it if anyone wants to read it: nvlpubs.nist.gov/nistpubs/Legacy/SP/nbsspecialpublication500-19.pdf

  • @arntodd2322
    @arntodd2322 1 year ago

    For me is just commando or flare😉

  • @yungfemo6614
    @yungfemo6614 2 years ago

    Please can I get the link of the Rumble app by HD Moore ASAP
    And also for me to get into cybersecurity at what least age should I start preparing

  • @vishalshakya7033
    @vishalshakya7033 3 years ago +1

    i wanna start my own cyber security channel any advice ? sir

    • @Cyberspatial
      @Cyberspatial  3 years ago +2

      Produce content that you want to watch but can't find.

  • @jprince2453
    @jprince2453 3 years ago +1

    Question where should i start

    • @thorchris7353
      @thorchris7353 3 years ago +1

      First understand the operating system Windows, Linux, macOS. I mean how they work. And learn these programs, PowerShell and Python, because these two languages are used in hacking and defence. I am a security analyst in Google.

    • @jprince2453
      @jprince2453 3 years ago

      @thorchris7353 linux user never know window can be user in this field

    • @thorchris7353
      @thorchris7353 3 years ago

      It is not about using. I understand what are you saying. you know what is the base language for windows

    • @jprince2453
      @jprince2453 3 years ago

      @thorchris7353 yeah the c family and linux is mostly python or go or javascript base before i which to cyber field i was into python ai on c++ games

    • @Cyberspatial
      @Cyberspatial  3 years ago +1

      Start by reading books on computer and network security

  • @tylercoombs1
    @tylercoombs1 3 years ago

    Facebook is very sketchy! I'm curious why you would recommend a harvesting tool made by them?

    • @Cyberspatial
      @Cyberspatial  3 years ago +4

      Facebook as an advertising and social media company is a bit different than the team running their security operations and open-sourcing internal projects.

    • @tylercoombs1
      @tylercoombs1 3 years ago

      @Cyberspatial That makes sense, thank you!

  • @lovelydarlinghari
    @lovelydarlinghari 3 years ago

    Hi bro I need a small help please

  • @Jupiterxice
    @Jupiterxice 3 years ago

    Don't forget about making passwords complex and complicated to crack.

    • @Cyberspatial
      @Cyberspatial  3 years ago

      Probably some kind of multi-factor is better in a remote enterprise environment.

  • @stementhusiast816
    @stementhusiast816 2 years ago

    I have a feeling the keyword in the title may have reduced this video's exposure to potential viewers. Curious.

  • @troyfred2562
    @troyfred2562 2 years ago

    Government networks secure? *explodes in laughter*. Corporate models are far and away better than most Gov nets.

  • @only_boi1831
    @only_boi1831 3 years ago

    i see its not just cybersecurity you know. what? did u study Biology too? LOL!

    • @Cyberspatial
      @Cyberspatial  3 years ago +3

      I have learned some biology before. Having as many mental models as you can is super useful!

  • @felixchua-wz7ge
    @felixchua-wz7ge 3 years ago

    I have noticed that when you talk, you sometimes don't take long enough breaths/have a long enough pause to breathe long enough so you run out of oxygen and have to speak fast, pronounce words a bit strange, etc. Now I am not saying that I can do this talking thing as good as you, but I have seen how the good YouTubers do it so this is just some constructive criticism from a random person on the internet.