Panelists at ALM cyberSecure discussed ways to shut down cyberattacks before they happen.

"'Proactive' is one of the biggest buzzwords out there right now," said Edward McAndrew, partner at Ballard Spahr and a panelist at ALM's 2016 cyberSecure conference.

Mr. McAndrew spoke on the panel "Turning the Tables: The Proactive Strategy to Cybersecurity. He discussed one company's trouble with cyberattacks as a case study. "The way their networks were set up, basically you could be in some far-off location in another continent, and it's very easy once there was penetration to move laterally, to escalate privilege and move laterally across the network," he explained.

Mr. McAndrew said that use of subnetworks can help prevent that kind of lateral penetration. "Simple things like segmentation in the network can help," he suggested.

Most important to a proactive strategy though, McAndrew suggested, is for companies to fully appreciate the contemporary corporate landscape, wherein hackers are constantly pushing to exploit vulnerability in nearly all companies' infrastructure to gain access to data.

In addition to a proactive strategy companies must be fully aware of the current environment where hackers are continually looking at all means to exploit a company’s vulnerability.

"Part of this is just not understanding your threat landscape, your environment, not having that visibility into what's going on," he said. It's important to "understand who is trying to get to you and why. What are their objectives? Without that, you're kind of fighting in the dark."

Mr. McAndrew, who is a former DOJ staffer who also has experience in the private sector, said he finds that corporations lag well behind the government in terms of their understanding of the scope and strategy of cyberattackers.
"It's not as free-flowing as it should be, it's not as efficient as it should be, and I don't know if it's enabling organizations to have actionable information that they need," he said. "The government just has a much better picture and a much greater visibility into the cyberthreat."