Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Queens, rooks and ransomware

Cybersecurity is a never-ending chess match requiring a proactive strategy

By LeeAnne Pelzer
chess cyber
October 20, 2020

During a master’s game of chess, players must react to the unanticipated — for instance, an opponent dramatically sacrificing a queen to advance a brilliant strategy. To the novice player, it may seem as though chess is a game of reactivity; but for top-notch competitors, there is always an evolving core strategy at play, even when subtle moves may not immediately reveal it. Similarly, in cybersecurity, while organizations must be nimble enough to react to the unanticipated and unexpected — such as a ransomware attack, evolving threat tactics, or even a global pandemic shifting business operations — they must also have a robust and comprehensive proactive security strategy moving their metaphorical chess pieces across the board. Threat actors are strategic in their approaches; as such, organizations must have an expert-level, proactive security strategy in play to ensure they come out on top.

When organizations choose to address cybersecurity deficiencies and incidents as they occur, the results can be detrimental. Those companies that favor reactive cybersecurity are constantly scrambling to triage the most pressing risk of the moment, and often, sophisticated threat actors have strategically masked their attack strategy, making it extremely difficult to detect early threat indicators. This can lead to organizations battling an end game: responding to a more significant incident, such as a ransomware attack, rather than having thwarted an initial phishing attempt or discovering alerts indicating that threat actors are moving into their IT environment.

As the many publicized security issues during the COVID-19 pandemic have demonstrated, it is important that organizations be prepared to meet the security challenges of unanticipated changes in their IT environment, threat landscape, and even the world. The most successful organizations take a proactive stance in laying the groundwork to identify, detect, defend against, and respond to subtle moves made by threat actors in the early stages of the threat attack chain. By pre-emptively identifying potential cyber risks and deploying strategic protective measures, organizations will be better positioned to defend their “king” (i.e., their critical assets) across people, process, and technology.

Proactive cybersecurity programs include comprehensive activities that involve not only the IT and security teams, but also the CEO and boards of directors. Examples of key proactive activities include identifying risk tolerance, defining governance structures, and developing comprehensive security strategies. Throughout this article, we will review key domains where organizations can proactively fortify their cybersecurity measures. COVID-19 has increased threat activity and created unique changes — and increased risk — in IT environments. Now is the time to review some “quick hit” areas where you can bolster your cybersecurity and execute your winning strategy.

 

Remote access

Remote access vulnerabilities are a top concern in 2020 because of the mass migration of office workers to home office settings in response to the ongoing pandemic. Threat actors have capitalized on the associated vulnerabilities, waging ransomware attacks, hijacking video conference calls, and other nefarious tactics. Some things you can do to reduce risk include:

Ensure that sensitive documents or applications cannot be accessed without requiring the use of a VPN client.

Deploy multi-factor authentication (MFA) as standard everywhere it can be leveraged. MFA is the easiest and most effective way organizations can protect themselves from unauthorized access. There are plenty of MFA solutions available to fulfill each organization’s unique needs, from tokens to mobile device codes.

Consider disabling remote desktop protocol if it is not needed in the environment.

If new collaboration platforms were quickly stood up, consider reviewing them for security to see if patching is required or if better, more secure options are available for your longer-term needs.


Vendor due diligence

Even if your organization is doing everything right from a security standpoint, the third parties you engage for services could present an Achilles’ heel. Some of the most significant breaches in recent years were caused by gaps in vendor security, so it is important to conduct vendor due diligence assessments. These assessments review the cybersecurity posture of vendor organizations (much as you would your own organization, but less in-depth), and they can be conducted both prior to contracting a third-party vendor or after they are already serving your needs.

It’s also important to understand who is responsible for which aspects of cybersecurity oversight in the vendor relationship. If this is unclear, evaluate security roles and responsibilities with all vendors that touch your critical data assets or security infrastructure. A thorough understanding of roles and responsibilities is essential, not only when securing data against threat actor strategies, but also for contractual reasons and business continuity and incident responses scenarios.

 

Asset and configuration management

You cannot protect what you don't know you have. Some organizations take a reactive approach to asset management—they procure assets when they need them, such as a new firewall, computer, and/or software, without following through with appropriate disposal of the retired assets, updating the asset inventory, and ensuring configuration settings are appropriate tracked. Automated asset management tools that rely on network scanning to identify assets can be a great place to start, but they don’t necessarily capture all assets, such as those that are not connected to the network (we see this often with connected medical equipment), nor do they gather configuration information.

Having complete information on assets and configurations will position organizations to protect and patch all software and hardware and track equipment that has gone missing.

 

Incident response

Having a robust, tested Incident Response and Remediation Plan (IRRP) is not something you want to think about after an incident occurs, when you are in the midst of triaging an actual security breach. The time to create a plan and test it is now. A static or outdated IRRP is not beneficial. These plans should  be revisited periodically to ensure they are updated and aligned with the current business objectives and the threat landscape. Listed below are a few common gaps to consider:

Are the call trees in the plan current and up to date?

If you have cyber insurance, are the processes and contacts in the policy integrated in your IRRP? Cyber insurance is designed to facilitate response, but we’ve seen reaction delays as companies work to locate the policy and discover who to contact/what to do because the policy wasn’t integrated in the IRRP.

Are all parties that will play a role in the response part of the plan (e.g., in-house legal resources, communications teams, HR)?

Is your plan aligned to incident response recommendations within an industry-recognized framework, such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework?

Do you have a Digital Forensics and Incident Response (DFIR) firm on retainer to assist your team in the event of a significant matter or data breach?

It is also essential that organizations actually test their response plans and playbooks by facilitating "tabletop" exercises against real-world threat types to get familiar with the processes outlined in the plan, ensure response procedures will meet needs under actual threat circumstances, and determine any gaps or weaknesses in the response approach.

 

Identity and access management (IAM)

IAM extends beyond just provisioning and deprovisioning the access rights of new and departing employees. Organizations should also ensure there are stringent policies and procedures in place regarding the managing and routine auditing of segregation of duties (we suggest even a high-level audit quarterly or monthly). Because insider threats continue to be a significant source of threat against organizations according to our research, it’s important to fully and promptly terminate access rights when an employee leaves the organization.

 

Cyber risk identification and strategic remediation

Cyber Risk Management can be a daunting task, and some organizations, understandably, aren’t quite sure where to begin in managing cyber risk. Obtaining a cyber risk assessment conducted by a third-party firm against an industry-leading framework or set of best practices can help organizations identify vulnerabilities. Organizations can then create a carefully tailored strategy to prioritize and remediate these risks, based on the organization’s unique goals, risk tolerance, security objectives, budget, and technology landscape.

In our experience, the most successful organizations in cyber defense build an internal cyber risk management function to ensure risk management is not a one-time activity, but, rather, a dynamic commitment that captures the changing cybersecurity landscape at any given moment. Other high-performing organizations successfully apply risk scoring tactics that associate degrees of risk with repeatable values (high/medium/low, or more complex quantitative scores) to assist in prioritizing efforts and investments and track progress over time. Data-driven decisions help derive the most beneficial and objective outcomes from the cyber risk management function.

Cybersecurity staff, tools, and processes can be costly to the enterprise, and often, the return on investment is not immediately obvious. But an outlay of both effort and capital early on is a gambit that contributes heavily to a winning strategy. With a much more robust proactive stance, attack attempts such as ransomware are more likely to be unsuccessful instead of resulting in “check mate” for critical operations.

KEYWORDS: cyber security hackers incident response ransomware risk management threat intelligence

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Cg bios pelzer leeanne

LeeAnne Pelzer is a cybersecurity risk management specialist with consulting and advisory expertise in both the commercial and federal sectors. As a principal consultant for The Crypsis Group, she provides professional client services out of the company’s McLean, Va., headquarters. LeeAnne joined Crypsis in 2019 after several years at Deloitte & Touche LLP, most recently as a senior consultant in the firm’s Cyber Risk Services practice. During her tenure with Deloitte, LeeAnne developed pivotal relationships with C-level clients and implemented industry-leading solutions regarding the identification, remediation, mitigation, and continuous monitoring of cybersecurity risks. LeeAnne holds extensive experience deploying Cyber Risk Management solutions in complex client environments — ranging from the development of strategic remediation roadmaps to the implementation of customized governance, risk management, and compliance (GRC) solutions. Additionally, LeeAnne has utilized her knowledge of risk prioritization and statistics to deploy tailored cyber risk scoring methodologies to noteworthy clients, such as the United States’ largest healthcare organization.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
close

1 COMPLIMENTARY ARTICLE(S) LEFT

Loader

Already Registered? Sign in now.

Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Old Newswire Feature Image

    Queens Lawmaker Proposes "Panic Button" for Hotel Housekeepers

    See More
  • Safe & Sound in Queens

    See More
  • healthcare security freepik

    Clinical treatment of ransomware in healthcare

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!