Compliance Equates To Effective Security
Compliance is necessary but completely insufficient on its own, according to Chris Day, Cyxtera's chief cybersecurity officer. Adversaries are intelligent and adaptive, Day said, and often behave in a creative and pernicious manner toward organizations that aren't doing unstructured hunting.
Penetration testing to satisfy compliance requirements is typically very light, and often just requires running an external scanner, Day said. But by the time organizations achieve compliance, Day said they've often gone through all the money set aside for security.
Organizations should approach security from the standpoint of an adversary and either employ or bring in humans to do comprehensive threat hunting, Day said. A seasoned threat hunter in a network running commands such as PowerShell is going to expose things that simply wouldn't come up in a penetration test, according to Day.