One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 874437 |
| Date de publication | 2018-11-01 13:00:00 (vue: 2018-11-01 15:02:43) |
| Titre | Cybersecurity & Formula 1 Racing - It\'s a Profession |
| Texte |
This is perspective from one of our MSSP partners, CyberHat.
Formula 1 is a serious business. It takes years of expertise and practical foot work to design, build and operate a winning Formula 1 team. It's easy to think that success depends on the car and the technology. But in reality, a cutting edge engine in the best car in the world can’t win a race alone. Without an expert driver and a highly experienced and dedicated support team, you just can’t finish first.
When it comes to Cybersecurity everyone wants to win the race of protecting their assets and detecting and responding to threats to mitigate risk. Most organizations today will invest heavily in cyber security technology, buying it, integrating it and implementing into the organization, yet very few will focus on the teams driving the technology, supporting and utilizing it.
It’s a simple belief that if you get a good enough car, you don’t need to be a good driver, when the reality is exactly the opposite – if you’re a good enough driver, you can get a lot out of pretty much every car.
Today, more and more companies are looking for fully encompassing cyber security solutions and are gradually consolidating in to Security Operation Centers (SOC)s to help manage their security issues and this is a smart move. SOCs are where Cybersecurity teams detect, analyze and respond to threats on an organization. Their core task is to use the tools and skills at hand in order to provide the organization with an ongoing, relevant and professional security posture.
Yet in the current cybersecurity landscape not all SOCs were created equal. It is important to understand what components are imperative for a SOC to be most effective.
Formula 1 fact: The best Formula 1 Pit Crew can refuel and change a tire in just 3 seconds.
They are the best in their field and they are dedicated to a strong set of processes. This is true for the SOC team as well. High expertise and seamless teamwork are important to effectively curtail the dangers of cyber-attacks and navigate the cyber field safely and in a timely manner. Many SOCs might have dedicated Tier 1/2 analysts, who can change tires and refuel seamlessly on the usual runbook procedures for many common or predictable cyber threats, but they are not experts in managing larger scale incidents like a blown gasket or jammed piston which entails the response of more experienced Mechanical Team or in Cyber Tier 3/4 Analysts.
These are highly trained specialized professionals with in-depth experience that are able to tackle complex unusual incidences and attacks under severe time pressure. For example, sometimes cyber-attacks cannot be detected, deflected or blocked before they begin. Then it is the SOCs responsibility to contain and protect as well as investigate and conduct a meticulous analysis for preventing similar incidences, through a dedicated Forensics Team. The Forensics Team of a SOC is dedicated to evaluating necessary damage repair and implementing novel or near realtime responses.
The core trade for a professional is the old saying – “practice makes perfect”, it’s a simple question of consta |
| Envoyé | Oui |
| Condensat | “practice but for it professionalism their then 1/2 1pm 3/4 8th able about act all alone analysis analysts analyze are assets attack attacks become before begin being belief best blocked blown build built business but buying calibrate calibrated can can’t cannot car centers change comes common companies complete complex components conduct configured consolidating constantly contain core created crew cst current curtail curtailing cutting cyber cyberhat cybersecurity damage dangers date dedicated deflected depends depth design designed detect detected detecting direct dirty don’t dramatic driver driving dynamic easy edge effective effectively elements employees encompassing engine enough ensures ensuring entails environment equal evaluating event every everyone exactly example executing experience experienced expert expertise experts fact: fail field finish first focus foot forensics formula from fully gasket get getting good gradually gritty hand hands has have heavily help high highly how imperative implementing important incidences incident incidents infrastructure integrating internal invest investigate issues it's it’s its jammed just key landscape larger learn like looking lot makes manage management managing manner many measured mechanical meticulous might mitigate more most move mssp much navigate near realtime necessary need nitty not novel november old onboarding one ongoing only operate operates operation opposite optimal order ordinary organization organizations out output partners parts perfect” performance personnel perspective piston pit possible posture practical predictable pressure pretty preventing procedures processes profesional profession professional professionals properly protect protecting protection provide question race racing reality refuel register relevant repair repeatedly respond responding response responses responsibility risk runbook safely said saying scale scenarios seamless seamlessly seconds secure security serious set severe siems similar simple skills smart soc socs solid solutions and sometimes specialized specific stay strong success sum support supporting synergy tackle takes task tasks team teams teamwork technology these think threats through thursday tier time timely times tire tires today tools trade trained true turns under understand unusual use usual utilizing versatile very wants way webinar well what when where whether which who whole will win winning within without work world years yet you’re your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.