TAIPEI (Taiwan News) — David Warshavski, vice president of Enterprise Security at Tel Aviv-based cybersecurity firm Sygnia, has some surprising advice to offer Taiwanese manufacturers.
“We need to reduce the blast radius,” he said. Battlefields, fortresses, and secret keys are among the visual terms he uses to communicate cyber defense concepts to non-technical audiences.
“We need to manage the battlefield,” Warshavski said in a recent episode of the Policy People Podcast, referring to network attacks. He added that cyberattacks on chip manufacturers are on the rise.
He believes manufacturing companies, which are particularly vulnerable, can be better protected. “There’s a lot that can be done... to not only prevent attacks but to mitigate them as they happen.”
Warshavski said companies can limit the blast radius by setting up chokepoints throughout the network that isolate the spread of the attack and protect core assets.
“For example, take semiconductors. We don’t mind as much if someone reads someone’s emails. What we want is to stop them gaining access to the assets that produce the wafers,” he said. This is done by anticipating the hacker’s next move.
“We want to identify them, hunt them, and eradicate them without impacting operations,” he said.
Oftentimes, we cannot prosecute these threat actors, especially if they are in Russia, China, or other authoritarian countries where they work with impunity, he said. However, since they frequently launch attacks, we can get to know how they operate and anticipate their strategy.
“We cannot fully prevent attacks, but we can make it so that we can detect an attack at an early stage and remove the hacker from the environment almost completely and limit damage,” he said. “That way we can prevent even the most sophisticated threat actors.”
Warshavski said we must leverage Sun Tzu’s philosophy that all war is based on deception. “We can actually lure the threat actor to waste time in a different network segment where he can do no harm while we shore up defenses around the core assets.”
He said that once threat actors crack into the network, they first seek out the “keys to the kingdom” — passwords or encrypted files that give them access to the most prized possessions of the organization. Warshavski said fake keys can be set up to trigger a silent alarm when accessed, so the defenders can move swiftly to trap the hacker in a corner of the network.
“The defenders are like the architects of the battle terrain,” he said. “So we need to leverage that control the defender has to our advantage.”
Warshavski’s organization, Sygnia, provides high-end consulting and incident response support for organizations worldwide, including Fortune 100 companies.