What is it?
The Methodology for Adversary Obstruction is a set of security implementation guidelines introduced by the National Security Agency with the ultimate goal of protecting its members from cybersecurity breaches.
This methodology is intended to reduce organizational risk from cyberthreats through compliance with its guidelines.
Key compliance challenges
Diverse infrastructure
One key theme of the methodology is the need to create and enforce segregation and access controls. This can be especially challenging, as both can require infrastructure-wide change, including the reconfiguration of networks and the need to implement changes consistently across multiple infrastructure types, such as the cloud and internet-connected devices.
Combined with the implied downtime, these application changes require significant teamwork to plan and execute, introducing a high toll on teams already maxing out their existing resources.
Diverse guidelines
On par with a layered approach to security, the guidelines here cover a broad range of disciplines, ranging from network to endpoint security capabilities. Addressing such a diverse set of guidelines usually requires multiple tools. However, implementing, configuring, and maintaining these tools with limited team resources and head count can be a significant challenge.
