One Article Review

Source AlienVault Blog
Identifier 1365162
Publication date 2019-09-27 13:00:00 (seen: 2019-09-27 16:00:34)
Title Why security monitoring falls short and what can be done about it
Text There are parts of every business considered to be critical to its ability to function. Email, accounting, and customer service are a few. Indeed, if email went down, accounts receivable stopped, or customers couldn’t talk to anyone, the business would suffer.

There is another critical function of business that isn’t widely viewed as such: security monitoring. If you’re not “hands on” with security day-to-day, you might have just read that and thought, “…whaaaatever.” Yet, what would happen if your company was hacked and you suffered a critical, prolonged outage? Or if your company was featured in the next credit card breach headline? Would you reconsider the importance of security monitoring in the aftermath of these events?

Yes, security monitoring is a critical business function because it is a vital element of any meaningful cyber security strategy. Without a doubt, a sound monitoring capability can prevent and minimize loss of revenue, data, value, and trust associated with a breach. Why then, is it one of the most under-funded and under-resourced functions in many businesses? More often than not, it is because organizations fail to approach it with the rigor and discipline applied to other core business functions. And when you fail to take that approach, there will be inevitable shortcomings in the implementation and operation of the security monitoring program. This is part of the reason so many businesses continue to fall victim to cyberthreats, costing immense losses every year.

Frequently, we’re called into a company because a breach has already occurred. In those moments, budgets are out the window, as all hands are on deck to assess and contain the threat, and to recover critical business operations. In the aftermath of damage control, the focus shifts to an introspective post-mortem. We seek to understand the vulnerabilities, gaps, and even attitudes that gave way to such havoc, and to implement the necessary practices to help prevent such a breach from happening again.

Almost always, we find that the prior security monitoring effort could much better be defined as a “concept” rather than a “program” or “capability”. We routinely see clients with a few generalists from their IT or security departments overseeing the effort, but not full time, and with little (if any) training in the practice. Security monitoring is a specialty, and it requires well-trained analysts to perform the job correctly. There are countless manifestations of threat activity that a seasoned analyst knows how to spot and investigate. This ability comes with training, experience, and often the support of a broader team that can provide their own insights and guidance. Even then, these folks need standardized processes to ensure the consistency and effectiveness of the operation. No matter how capable they may be, even the most skilled generalist is at a constant disadvantage in knowing what to look for, how to investigate it, and getting it right time-after-time. Moreover, budget constraints and competing priorities dictate that these individuals are seldom provided ample time to perform their work thoughtfully and thoroughly.

Given these realities, most organizations will find that building a strong monitoring program in-house is an uphill battle. Unless you are among the fortunate few who can afford to acquire, train, and retain the talent to staff a SOC, you may want to consider a partner who can bring the SOC function to you.

Want to learn more? Join Alagen’s webinar on September 30 to hear me talk about the benefits — performance and financial — of hiring a managed securit
Sent Yes
Tags Threat


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.