- Apr 25, 2015
Many people will say "We need to stop phishing."
No, we need to stop the above low numbers. Kill the adversary's ability to gain authority and laterally move within your environment. If you kill them in the middle, it is easier to prevent code execution turning into exfil of data anyway. For example, with 2FA (two-factor authentication) your employees may be phished all day long, but if the gaining auth portion is well-protected, that stolen username/password will never permit exfil of data.