Mitigate Advanced Cyberthreats with Threat Lifecycle Management … · 2018-03-26

Cyberbreaches are becoming ubiquitous:

76% of IT organizations say they’ve been compromised by cyberattacks.[1]

As the number of breaches grows, their economic consequences rise:

$7.7 million is the average cost of attacks to compromised organizations.[2]

The traditional mantra remains:

• Protect

• Defend

• Respond

But organizations must do more.

The latest threat management strategies combined with next-gen security operations centers reduce risk and effectively block sophisticated attacks.

The bottom line: Modern security strategies must keep pace with sophisticated hackers.

New Best Practice No. 1: Adopt a model for full threat lifecycle management. This includes the following:

• Forensic Data Collection: Collect essential data, including information from event logs and forensic sensors. Threats target all aspects of the IT infrastructure, so the more you can see, the more you can detect.

• Discover: Analyze data for anomalies. The traditional way to do this is search analytics, but that’s people-intensive. Consider automated machine analytics, which relies heavily on software.

• Qualify: Assess the potential impact of discovered threats to the business and the urgency of response efforts. Reduce false positives with tools designed to identify them quickly and accurately.

• Investigate: Fully investigate qualified threats to confirm whether a security incident has occurred or is in progress.

• Neutralize: Reduce response times with updated incident-response processes and playbooks coupled with automation.

• Recover: Leverage threat intelligence to detect if the threat returns or has left a back door. Apply lessons learned to bolster defenses.

New Best Practice No. 2: Create a next-generation security operations center. This is a systematic approach for optimizing people, technology, and processes to most effectively protect the confidentiality, integrity, and availability of information systems and assets.[3]

The main pillars of a next-gen SecOps center:

• Thoroughly scoped

• Resilient by design

• Automated to streamline

• Intelligence-driven

• Continuous learning

The Payoff

1. Faster detection and response reduce risk.

2. Early neutralization stops cyber incidents and data breaches.

Get details about implementing threat lifecycle management and building a next-generation security operations center.

1. CyberEdge Group, LLC. “2016 Cyberthreat Defense Report.” 2016.

2. Ponemon Institute. “2015 Cost of Cyber Crime Study: Global.” Sponsored by Hewlett Packard Enterprise. October 2015.

3. Roselle Safran in webcast “Building and Instrumenting the Next-Generation Security Operations Center.” Dark Reading. Sponsored by LogRhythm. 2016.
