At CyberPoint, we pride ourselves on mastering and using all effective strategies to prevent, discover, and fix cyber attacks. Over the past decade, a promising approach, the use of Indicators of Compromise (IOCs), has moved from specialized government and military applications into widespread use. Services and collaborative projects like OpenIOC, STIX, MLSEC, TAXII and AlienVault provide powerful tools to protect you from cyber attacks.
Anyone who is subject to an attack, including a cyber attack, understandably thinks first about ending the assault. Make it stop: discover its strategy, strengthen defenses, disarm the attacker, whatever it takes to return to a state of peace.
But if that's the whole response, it won't be enough. A thorough defense against attack requires a holistic approach. Why did it happen? How could we have found out it was happening sooner than we did? What signs did the attackers leave that we missed? How can we use our knowledge from this attack to fortify ourselves against the next one? Could we have been prepared based on previous attacks against others?