Know what's coming into and leaving your network

"Move, not unless you see an advantage; use not your troops unless there is something to be gained; fight not unless the position is critical."
The sports strategy of "the best defence is a good offense" doesn't work for organisations on the internet.
If you have valuable information (credit card numbers or intellectual property) that is exposed you're a sitting duck. If someone wants to attack you, there won't be much you can do to prevent it. But you can defend yourself when it comes.
Firstly, know when the attack has started, and you better know fast. The time between the attacker's entry and the compromise of information goes undiscovered and uncontained for weeks or months in three-quarters of cases.
Cyber attackers want access to your systems and they will try extortion through distributed denial of service attacks.
To monitor for nefarious activity you need security information and event management tools that work on the concept of "all-source data fusion" used by military intelligence for 50 years.
To know what's going on in your infrastructure, monitor your mission-critical systems, integrate data feeds from devices and correlate the data to identify the few events that are important.
It's a necessity to detect stealth attacks.
Conclusion
Many businesses with significant online presences are prime targets for cyber attack. Every few days it seems we read another story about privacy breaches, stolen intellectual property, compromised credit card numbers or financial fraud.
Studying military doctrine and applying proven security strategies to our people, processes, technologies and organisational strategies and structure can help.
![]() |
Norad monitors air and space threats to the US. |