In this article, I would like to explain the main purposes of the Defensive Network and the reasons for its existence. As this will be a long journey, I would appreciate any support and feedback from anyone with whom this resonates.
As you might realize, the primary topic will be cybersecurity, but cybersecurity is directly connected to and dependent on many other areas, like availability, scalability, effectiveness, automation, continuous improvement, and testing, to name a few.
“Efficiency is doing things right and effectiveness is doing the right things.”
— Peter Drucker
In my career, which has taken me through many different projects, challenges, and mistakes, I realized that even though each and every company of any size is unique, there are patterns in cybersecurity (not exclusively) that are applicable anywhere. Once you are able to see them and recognize discrepancies/anomalies, you can already predict which areas are going to fail. Those discrepancies are seen across all companies.
Effective cybersecurity is comparable to an ecosystem, where each part has its role, but improving only one part will not improve the performance of the whole ecosystem.
Cybersecurity parts must work well and all fit together, and there are only a limited number of ways to achieve this. I will use this as a segue to the first point.
Provide guidance and best practices
Instead of a trial-and-error approach, the information that you will find on DN is backed by years of experience, often from very sensitive environments used by millions of customers, where availability, scalability, and security are primary objectives.
We will explain and guide you on how to implement each cybersecurity component, why it is important to do it in that way, and what can/will fail if not. All of it with enough information for you to adopt it within your company.
Areas that might be specific to your company, and where you have more than one solid option for implementing a specific capability or process, will be supported by best practices.
An example could be security log collection. It's not that important which SIEM technology is used. How you collect the logs is far more important. They must be collected at the right time, with all the attributes you need to do an investigation effectively, and correctly correlated and contextualized with other sources. In such a case we will provide best practices and expected capabilities, independently of the product name. You will then see if your current technology landscape can satisfy those requirements.
Challenge status quo
Assumptions are the most dangerous thoughts in cybersecurity. You might assume that your endpoint protection is configured properly, that it's deployed on all endpoints, that only authorized devices are connected to your network, that technology that cost your company millions can effectively block the specific threat as promised in the vendor sales pitch, but until you test it and continuously verify each aspect, you might be unpleasantly surprised.
“Your assumptions are your windows on the world. Scrub them off every once in a while, or the light won’t come in.”
― Isaac Asimov
If you believe that a security capability or service is effective just because it was unreasonably expensive, or because it was implemented by a company that is one of the best in the industry, then you might soon experience a big Aha! moment.
Cybersecurity is not a product; it is a continuous process, which you always need to improve, validate, and verify. For that, it is important to have a team of smart and curious engineers, solid technology, processes, and procedures that can satisfy your needs. We will help you to identify which of them might work best for you.
Being vendor agnostic
On the market, you can find good products and poor products, but both can have the same price tag. We are not saying we will not mention any company, as there are some vendors, even in the open-source or startup segment, with products that are solid and innovative, so we will give credit to them, but never in return for something offered by them or via an affiliate link.
On the other hand, there are products in some segments that are ineffective and expensive at the same time, so even after a couple of years, their value to your company will be close to zero. To save you a lot of time, resources, and money, we do believe it is part of our responsibility to raise our hands and point you in the right direction.
In that regard, we also plan to share with you technology requirements, test cases, and test criteria so you will see clearly which of them might be worth considering or evaluating.
Because the cybersecurity segment is complex and there are tens of companies in each segment providing often the same value, we plan to build a list of recommended technologies, but we will never prefer one vendor. We will give you multiple verified and tested options, so you can choose based on your own criteria, requirements, and test results.
That is our intention and we will do our best to be as independent as possible.
Build a community
We need feedback and to be challenged by constructive criticism. For that, it is important to build a community of experienced professionals who have expertise in multiple areas, so they will raise their hands in case we overlooked something and contribute their knowledge to all others.
Write high-quality articles on Medium
We decided to write premium articles mainly on Medium.com as Medium is to articles/stories what Spotify is to music. Most of them will be behind a paywall so our invested time in high-quality articles will motivate us further.
For those who do not have a subscription on Medium, we are still considering posting the same stories on the main website Defensive.Network for subscribed users paying a monthly fee. Tell us how you see it.
Continuously updating information
Nothing is written in stone here. Information and articles will be continuously updated based on the latest research, innovation, and your feedback. This is important to keep in mind, as Medium.com does not allow updating the published date, so we will include a changelog in our articles/diagrams/lists and notify you about an update on our networks.
Our long-term goal is to provide you with services that can help you simplify processes/procedures, measure the effectiveness of your security program, and collect information that is vital for your teams and company. Most of it will be in the form of articles, but some information changes every second, and for that reason we would like to build a set of services that will, on your behalf, collect, enrich, and contextualize information from multiple sources, so you can then easily consume it in a normalized way and use it in your systems.
We have many great ideas, but if you share your key pain points with us, we can prioritize those that can be helpful for most of our supporters.
- Help companies of any size to do Cybersecurity right
- Save their money and resources by keeping them away from ineffective products and methodologies
- Share best practices, evaluation criteria, and use cases so each company can do independent testing and research
- Build communities, exchange knowledge, share through crowdsourcing
- Provide services which will be beneficial to most companies
- Guidance on how to build an Adaptive Cyber Defense Ecosystem
This is not the end
This is just the start of our journey and more will come. It will take us a while to build the initial content, which will then be the solid base for advancement, but we will get there, and with your support we will have the motivation to keep on moving.
Cybersecurity is not difficult, it's just a complex ecosystem.
Credit notes — Diagrams we created using diagrams.net. Images were used from Unsplash, official sites, or Wikipedia, if not stated otherwise.
Legal notes — Opinions expressed are solely my own and do not express the views or opinions of my employer or anyone else.
* If you like it, please share it! If not, constructive criticism is welcomed.
* You can use this content in your materials, but only if you attribute.
* This article will be continuously updated, so feel free to bookmark it.