Cybersecurity by means of IT â Part 1: Resilience through Controlled Destruction and Re-creation…
– Ivan Fedorets
This article emphasizes the importance of using IT operations to strengthen cybersecurity. Patching is highlighted as an example of how IT practices can eliminate vulnerabilities. The objective is to eliminate unauthorized processes within the IT estate, particularly remote access tools, which pose a cybersecurity risk. The article suggests proactive risk reduction through IT actions. The method involves questioning what actions can be taken within the IT estate without causing collateral damage. It explores options like restarting services, containers, VMs, and redeploying them if necessary. The importance of database failover and backup restoration is also discussed. The article suggests establishing restart routines and performing manual reimaging of workloads. By disrupting malicious code through these actions, adversaries’ ability to maintain persistence is hindered. The article emphasizes the resilience and availability of the IT infrastructure, even during a breach. The approach encourages a collaborative effort between IT operations and cybersecurity teams.
Link: https://medium.com/@ivan.fedorets/cybersecurity-by-means-of-it-part-1-resilience-through-controlled-destruction-and-re-creation-90441d5799ef