Cybersecurity – Attack and Defense Strategies - Third Edition

Product type: Book
Published in: Sep 2022
Publisher: Packt
ISBN-13: 9781803248776
Pages: 570
Edition: 3rd Edition
Authors (2): Yuri Diogenes, Dr. Erdal Ozkaya

Table of Contents (20 chapters)

Preface
1. Security Posture
2. Incident Response Process
3. What is a Cyber Strategy?
4. Understanding the Cybersecurity Kill Chain
5. Reconnaissance
6. Compromising the System
7. Chasing a User’s Identity
8. Lateral Movement
9. Privilege Escalation
10. Security Policy
11. Network Security
12. Active Sensors
13. Threat Intelligence
14. Investigating an Incident
15. Recovery Process
16. Vulnerability Management
17. Log Analysis
18. Other Books You May Enjoy
19. Index

What is a Cyber Strategy?

A cyber strategy is a documented approach toward various aspects of cyberspace. It is mostly developed to address the cybersecurity needs of an entity by addressing how data, networks, technical systems, and people will be protected. An effective cyber strategy is normally on par with the cybersecurity risk exposure of an entity. It covers all possible attack landscapes that can be targeted by malicious parties.

Cybersecurity has been taking center-stage in most cyber strategies because cyber threats are continually becoming more advanced as better exploitation tools and techniques become available to threat actors. Due to these threats, organizations are advised to develop cyber strategies that ensure the protection of their cyber infrastructure from different risks and threats. This chapter will discuss the following:

  • How to build a cyber strategy
  • Why do we need to build a cyber strategy?
  • Best cyber attack strategies
  • Best...

How to build a cyber strategy

In the 6th century BC, Sun Tzu said, “If you know your enemies and know yourself, you will not be imperilled in a hundred battles; if you do not know your enemies but do know yourself, you will win one and lose one; if you do not know your enemies nor yourself, you will be imperilled in every single battle.” This quote still applies today to cyber strategies, and explains why it is so vital to understand both your business and the risks posed to it by threat actors: doing so will form the basis of a strong cyber strategy that helps protect your business from attack.

To build a cyber strategy, there are three major pillars that you need to form a solid foundation:

Figure 3.1: Foundations of a cyber strategy

These three components are crucial to understanding what makes a cyber strategy effective.

1 – Understand the business

The more you know about your business, the better you can secure it. It’s...

Why do we need to build a cyber strategy?

Organizations are constantly dealing with threats from hardened cyber attack professionals. It is a sad reality that many intrusions are carried out by nation-states, cyber terrorists, and powerful cybercriminal groups. There is an underground economy of hackers that facilitates the purchase or hiring of intrusion tools, techniques, and personnel, as well as the laundering of monetary proceeds from successful attacks. It is often the case that attackers have far more technical expertise in cybersecurity than the average IT employee. Therefore, attackers can leverage their advanced expertise to easily bypass many cyber defense tools set up by the IT departments in many organizations.

This, therefore, calls for a redefinition of how organizations should deal with cyber threats and threat actors, because leaving the task to the IT department is just not enough. While hardening systems and installing more security tools would...

Best cyber attack strategies

One of the best ways to secure an organization is to think like a hacker and try to breach the organization’s security using the same tools and techniques that an adversary would use.

Testing the defense strategies can be done either via external testing from outside the network or internally. These testing processes aim to ensure that the implemented security strategy is effective and aligns with the objectives of the business processes.

The sections that follow highlight some of the best cyber attack strategies that organizations should consider when testing their systems.

External testing strategies

These testing strategies involve attempting to breach the organization externally, that is, from outside its network. In this case, cyber attacks will be directed at publicly accessible resources for testing purposes. For instance, the firewall could be targeted via a DDoS attack to make it impossible for legitimate traffic to flow...

Best cyber defense strategies

The bottom line of cybersecurity often comes down to the defense systems that an organization has in place. There are two defense strategies that organizations commonly use: defense in depth and defense in breadth.

Defense in depth

Defense in depth is also referred to as layered security and involves employing stratified defense mechanisms to make it hard for attackers to breach organizations. Since multiple layers of security are employed, the failure of one level of security to thwart an attack only exposes attackers to another security layer. Due to this redundancy, it becomes complex and expensive for hackers to try and breach systems.

The defense-in-depth strategy appeals to organizations that believe that no single layer of security is immune to attacks. Therefore, a series of defense systems is always deployed to protect systems, networks, and data. For instance, an organization that wishes to protect its file server might deploy an intrusion detection...

Benefits of having a proactive cybersecurity strategy

It is no longer enough just to have a cybersecurity strategy in place. The cybersecurity strategy you have developed needs to function proactively to benefit you the most, given the possible negative effects of a successful security incident. A proactive security strategy essentially focuses on anticipating threats and doing something about them before they happen. Some of the benefits of having a proactive approach to cybersecurity are listed below:

  • A proactive approach is less costly compared to a reactive approach. A reactive approach to cybersecurity means you develop systems and policies that focus on reacting to security incidents after they occur. The danger of such an approach is that if your organization is faced with a new type of threat, the organization may not be fully poised to handle the consequences of such a threat. This will probably lead to much higher costs compared to having a proactive...

Top cybersecurity strategies for businesses

The recent past has seen an increase in security incidents, with many businesses falling prey to threat actors targeting their data or other informational assets.

However, with the careful development of cybersecurity strategies, it is still possible to keep your business secure enough in these challenging times. Some of the top cybersecurity strategies that can be implemented to help improve the security posture of your organization include:

  • Training employees about security principles
  • Protecting networks, information, and computers from viruses, malicious code, and spyware
  • Having firewall security for all internet connections
  • Installing software updates
  • Using backup copies
  • Implementing physical restrictions
  • Securing Wi-Fi networks
  • Changing passwords
  • Limiting access for employees
  • Using unique user accounts

We will discuss each of these...

Conclusion

This chapter has looked at cyber strategies, their necessity, and different strategies that can be used when developing them. As explained, a cyber strategy is an organization’s documented approach toward different aspects of cyberspace. However, the key concern in most cyber strategies is security. Cyber strategies are essential because they move organizations away from assumptions, help centralize decision making about cybersecurity, provide details about the tactics employed toward dealing with cybersecurity, give a long-term commitment to security, and simplify the complexities of cybersecurity. This chapter looked at the two main approaches used in writing cyber strategies, the attack and the defense standpoints.

When written from the attack perspective, cyber strategies focus on the security testing techniques that will be used to find and fix security vulnerabilities. When written from a defense perspective, cyber strategies look at how best to defend...

Further reading

The following are resources that can be used to gain more knowledge about the topics covered in this chapter:
