Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Strategy vs. Tactics: Two Sides of a Difficult Coin
About 2,500 years ago, Chinese military strategist, Sun Tzu, wrote "The Art of War." In it, he said: "Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat." Tactics and strategy should always complement each other, and are two sides of the same coin. With each successive large-scale cyber attack, it is slowly becoming clear that ransomware is replacing traditional bank heists, and more importantly, military incursions as these attacks now target the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
In the battlefield of cybersecurity, here's how we define the tactical versus the strategic:
- Strategy defines your long-term goals and how you're planning to achieve them. In other words, your strategy gives you the path you need toward achieving your organization's mission.
- Tactics are much more concrete and are often oriented toward smaller steps and a shorter time frame along the way. They involve best practices, specific plans, resources, etc. They're also called "initiatives."
The opposition implements these same principles in their dark rooms and secret online forums. Even the most basic strategy drives toward a mission — knowing what their goals are, who they intend to strike, and when they intend to activate their attacks. This explains why we see targeted attacks, sustained campaigns, rapid execution, massive ransom amounts and significant impacts.
Based on that strategy, various specific tactics are employed to achieve their goals. When we dissect the aftermath of a ransomware cyber event, we find a trail of tactics used in the attack, such as phishing, misdirection, privilege escalation and propagation, among many other pieces. This elective matrix of tactics explain why it often seems that security systems were just a step behind. You will find that each tactic is an escalation to a next step and the next tactic, driven by the overall strategy.
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
Overview of Regulatory Guidance Governing the Use of AI Systems In the Workplace
Businesses have long embraced the use of computer technology in the workplace as a means of improving efficiency and productivity of their operations. In recent years, businesses have incorporated artificial intelligence and other automated and algorithmic technologies into their computer systems. This article provides an overview of the federal regulatory guidance and the state and local rules in place so far and suggests ways in which employers may wish to address these developments with policies and practices to reduce legal risk.
Is Google Search Dead? How AI Is Reshaping Search and SEO
This two-part article dives into the massive shifts AI is bringing to Google Search and SEO and why traditional searches are no longer part of the solution for marketers. It’s not theoretical, it’s happening, and firms that adapt will come out ahead.
While Federal Legislation Flounders, State Privacy Laws for Children and Teens Gain Momentum
For decades, the Children’s Online Privacy Protection Act has been the only law to expressly address privacy for minors’ information other than student data. In the absence of more robust federal requirements, states are stepping in to regulate not only the processing of all minors’ data, but also online platforms used by teens and children.
Revolutionizing Workplace Design: A Perspective from Gray Reed
In an era where the workplace is constantly evolving, law firms face unique challenges and opportunities in facilities management, real estate, and design. Across the industry, firms are reevaluating their office spaces to adapt to hybrid work models, prioritize collaboration, and enhance employee experience. Trends such as flexible seating, technology-driven planning, and the creation of multifunctional spaces are shaping the future of law firm offices.
From DeepSeek to Distillation: Protecting IP In An AI World
Protection against unauthorized model distillation is an emerging issue within the longstanding theme of safeguarding intellectual property. This article examines the legal protections available under the current legal framework and explore why patents may serve as a crucial safeguard against unauthorized distillation.