What does it take to build a world-class SOC team?

Booking.com is one of the world’s leading marketplaces for travel, so it is no surprise that it needs world-class cyber defense capabilities. The Cyber Detection and Response Group keeps Booking.com, its customers, partners and employees secure around the clock. The group oversees cyber detection engineering, security product management and advanced cyber incident response.

Booking.com’s Head of Cyber Detection & Response, Ariel Lemelson, discusses the importance of being proactive in cyber defense and how to prepare for emerging threats.

How to prepare successfully for cyber incidents

“Observability and detection are vital for the response aspect of security. Simply put, if you can’t detect it, then the chance for a timely response to a cyber incident is low. In order to prepare, you need to define your process, your technology and your people for each of the three components: observability, detection and response,” says Ariel.
“As cyber defense leaders, in order to be well prepared you would like to have identified your business priority risks and crown jewels, and have a thorough understanding of your threat landscape. To add to that, you want to have practical, well-practiced and validated response procedures, as well as a trained and passionate cyber incident response team, armed with top quality tooling.”

Dealing with emerging threats

To stay one step ahead of emerging threats, you have to be able to correlate an abundance of information sources into a clear picture of what is actually happening. This is done by smart contextualization of the telemetry and alerts: correlating them with each other, with threat intelligence sources, and with business and risk information. Ariel says that “this allows you to keep your cyber defense teams within a manageable amount of information of high value, and high effectiveness of security operations”. IT environments have grown far more complex over the years. In order to keep up, cyber defense teams have to be able to scale defense capabilities without requiring linear growth in resources.
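The contextualization described above can be made concrete with a small correlation step: raw alerts from several tools are merged per host within a time window, enriched with a threat-intelligence list and an asset inventory that marks the crown jewels, scored, and only the high-value incidents are passed on for triage. The following is an added example written for this article, not Booking.com’s tooling; the alert format, the threat-intelligence entries, the asset inventory, the scoring weights and the triage threshold are all constructed assumptions for demonstration.

```python
"""Alert contextualization and correlation (added example, constructed data).

Raw alerts -> per-host incidents within a time window -> enrichment with
threat intelligence and business context -> score -> triage list.
"""
from datetime import datetime, timedelta

# Constructed threat intelligence: indicator -> campaign tag (assumption).
THREAT_INTEL = {
    "198.51.100.23": "known-c2",
    "evil-updates.example": "known-c2",
}

# Constructed asset inventory with business criticality 1-5 (assumption).
ASSETS = {
    "pay-db-01": {"criticality": 5, "crown_jewel": True, "owner": "payments"},
    "web-42": {"criticality": 3, "crown_jewel": False, "owner": "frontend"},
    "dev-laptop-7": {"criticality": 1, "crown_jewel": False, "owner": "eng"},
}

# Constructed raw alerts as several tools might emit them (assumption).
RAW_ALERTS = [
    {"ts": "2024-03-01T10:00:05", "tool": "edr", "host": "web-42",
     "sev": 2, "indicator": "198.51.100.23", "rule": "outbound-to-rare-ip"},
    {"ts": "2024-03-01T10:00:09", "tool": "proxy", "host": "web-42",
     "sev": 1, "indicator": "evil-updates.example", "rule": "dns-new-domain"},
    {"ts": "2024-03-01T10:01:30", "tool": "edr", "host": "pay-db-01",
     "sev": 2, "indicator": None, "rule": "lsass-access"},
    {"ts": "2024-03-01T10:02:00", "tool": "edr", "host": "pay-db-01",
     "sev": 2, "indicator": None, "rule": "lsass-access"},
    {"ts": "2024-03-01T11:30:00", "tool": "av", "host": "dev-laptop-7",
     "sev": 1, "indicator": None, "rule": "pua-detected"},
    {"ts": "2024-03-01T11:31:00", "tool": "av", "host": "dev-laptop-7",
     "sev": 1, "indicator": None, "rule": "pua-detected"},
]

WINDOW = timedelta(minutes=10)   # assumed correlation window
TRIAGE_THRESHOLD = 6             # assumed cut-off: below this, log but do not page


def correlate(alerts, window=WINDOW):
    """Merge alerts on the same host that arrive within `window` of the
    incident's first alert. Returns one dict per incident."""
    incidents = []
    open_by_host = {}  # host -> incident still accepting alerts
    for a in sorted(alerts, key=lambda x: x["ts"]):
        ts = datetime.fromisoformat(a["ts"])
        inc = open_by_host.get(a["host"])
        if inc is None or ts - inc["first_seen"] > window:
            inc = {"host": a["host"], "first_seen": ts, "alerts": []}
            incidents.append(inc)
            open_by_host[a["host"]] = inc
        inc["alerts"].append(a)
    return incidents


def enrich(incident):
    """Attach business context and threat-intel matches, then score.
    A host missing from the inventory is flagged as an inventory gap
    rather than silently treated as unimportant."""
    asset = ASSETS.get(incident["host"])
    inventory_gap = asset is None
    if inventory_gap:
        asset = {"criticality": 1, "crown_jewel": False, "owner": "unknown"}
    rules = sorted({a["rule"] for a in incident["alerts"]})
    ti_hits = sorted({f"{THREAT_INTEL[a['indicator']]}:{a['indicator']}"
                      for a in incident["alerts"]
                      if a["indicator"] in THREAT_INTEL})
    max_sev = max(a["sev"] for a in incident["alerts"])
    # Scoring weights are assumptions: severity scaled by business
    # criticality, plus bonuses for TI matches, multiple distinct
    # detections on one host, and crown-jewel assets.
    score = max_sev * asset["criticality"]
    score += 4 * len(ti_hits)
    score += 2 * (len(rules) - 1)
    if asset["crown_jewel"]:
        score += 3
    return {
        "host": incident["host"], "owner": asset["owner"], "score": score,
        "alert_count": len(incident["alerts"]), "rules": rules,
        "ti_hits": ti_hits, "inventory_gap": inventory_gap,
        "first_seen": incident["first_seen"].isoformat(),
    }


def triage(alerts, threshold=TRIAGE_THRESHOLD):
    """Return enriched incidents at or above the threshold, highest first."""
    enriched = [enrich(i) for i in correlate(alerts)]
    paged = [i for i in enriched if i["score"] >= threshold]
    return sorted(paged, key=lambda i: i["score"], reverse=True)


if __name__ == "__main__":
    for inc in triage(RAW_ALERTS):
        print(f"{inc['score']:>3}  {inc['host']:<14} {inc['owner']:<10} "
              f"alerts={inc['alert_count']} rules={inc['rules']} ti={inc['ti_hits']}")
```

With the constructed input, six raw alerts collapse into three incidents and only two reach the triage list: the web host with two threat-intelligence matches ranks first, the crown-jewel database with repeated credential-access detections second, and the developer laptop with a low-severity PUA alert is logged but not paged. The `inventory_gap` flag is the hook for the blind-spot problem: an alert on a host nobody has classified should surface as an asset-management finding, not disappear because its default criticality is low.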

Pitfalls in cyber threat detection and response

“Some of the pitfalls cyber security defense teams encounter come from doing cyber defense in a silo, without being fully aware of both the full attack surface and the most important business assets. This may lead to a security ‘comfort zone’, where there may be over-investment in defense of certain points, while other major blind spots are not properly defended and there’s a lack of awareness and risk acceptance from the business. These disconnected situations may result in a negative scenario,” says Ariel.

“There is also limited raw telemetry collection and retention, which impedes the ability to detect, hunt or investigate cyber attacks. Cyber defense teams do not always have a clear and open view of the threat landscape, or of the adversarial point of view. In such cases, it is almost impossible to provide proper cyber defense to the business,” he continues. “The defense would be passive, driven by native alerts coming from security tools, lacking the holistic understanding of the ‘3D chess game’ we play every day with our adversaries, as cyber defense professionals.”

Another potential pitfall in security defenses is that it’s common to see security organizations that simply don’t measure the right KPIs. “If you don’t define the KPIs properly,” says Ariel, “you’ll be creating the wrong incentives for the security teams, which will eventually lead to ineffective resource allocation, low team effectiveness and, potentially, to cyber compromise.”

What's unique about Booking.com and cyber security?

“We take online safety and the protection of consumer and partner data extremely seriously,” says Ariel. “We are continuously innovating our processes and systems to ensure optimal security on our platform, while constantly evaluating and enhancing the robust security measures we already have in place.” “In line with the highest technical standards, our dedicated security and fraud teams monitor activity 24/7, utilizing bespoke, state-of-the-art tooling to quickly detect and resolve any potentially suspicious activity, leveraging both internal and independent industry expertise to stay one step ahead of threats and adversaries.” It’s no stretch to say that Booking.com hires top talent to make up its teams, and equips them with the best tooling and most advanced technologies available on the market, including the latest, most innovative methodologies.

To learn more about the world-class cyber-defense strategies implemented by Booking.com, read the e-magazine below.
