I hate when people use the term “cyberwarfare” outside of its original context—a true war of nations trading bombs for bytes in the tubes. Sure, organizations are being attacked by nefarious groups that seem to be marching toward specific and fruitful goals, but is it really cyberwarfare?

Regardless of what you want to call it, you still must act and react like someone is launching a digital missile campaign against your information. You can either sit and wait for someone else to tell you that you have been compromised, or you can take ownership of the problem and start up-leveling your intelligence gathering and analysis. It’s the Big Data problem of security.


Your enemy is doing this, so why aren’t you? They amass staggering amounts of data about their targets, analyze that data to find probable weak points, and plot out an attack that yields valuable results. They comb through every public piece of information available, including your social media presence and things available through current and cached search engine results. “But I don’t have a social media presence,” you might say. Do you have employees? Then I guarantee you have a presence outside of your control—LinkedIn being the most obvious place where the bad guys can freely map your organization and players, PAST AND PRESENT.

This means that all of those logs that you turned off or have been ignoring for ages must become part of your big-data security strategy. It’s not enough to turn the logs on; you must get the data centralized, analyzed, and activized[1].

Retailers faced a similar problem in the 70s-90s. In order to get a leg up, they had to know everything about their customers. They needed to put them in groups of other like-minded consumers and build massive data profiles on them so they could analyze their buying patterns and maximize shelf usage by putting the right products in the right areas of their stores. Amazon was one of the most prominent e-tailers to do this by suggesting other products that you might be interested in based on what you browsed and purchased.

Once you have your data collected and you have specific use case analytics in place, you should find ways to exchange information with industry peers on “beta attacks.” Think of it as an asynchronous early warning system that could help detect industry-wide targets. Finally, you have to take this information and build/use the intelligence to stay ahead of current threats and attacks that impact you. Compliance initiatives won’t do this, so if you are relying on things like HITECH and PCI DSS to keep you safe, get in line with the rest of the companies that will be disclosing breaches in the next few years.

This post originally appeared on BrandenWilliams.com.

  1. Like what I did there?