Essential guide to operation-centric security
To stay ahead of cyber attackers, security teams need to take an operation-centric approach
Introduction
Cyber attackers are becoming smarter. Sorry to tell you that. The range of threats that organisations face is getting bigger and broader. Malicious actors are targeting all manner of devices, applications, networks and users. They are introducing new tactics and techniques, in a game of bluff and double bluff designed to confuse potential victims, while slipping in by the back door.
In the past year alone, we’ve seen increases in ransomware attacks, and highly targeted phishing and social engineering. And as more people are working remotely during the pandemic, this has introduced a whole new set of risks and exposed more users to attack.
While there are many security tools available to help organisations defend their digital assets, most are designed for a specific purpose – for securing endpoints, cloud systems or mobile devices, for example. For security professionals, there’s a real risk of alert overload, making it difficult to tell which threats to prioritise.
To stay ahead of attackers, security teams need to take an operation-centric approach, to offer a real-time picture of activity across their estate. This breaks down the threat intelligence silos, reverses the attacker advantage, and returns the high ground to the defenders by extending detection and response capabilities across the organisation. In this essential guide, we look across the security spectrum to highlight the many challenges faced by IT security experts where an operation-centric approach will help.
1. Cyber threats
The growing range of cyber threats
Cyber criminals are becoming increasingly sophisticated, with a growing range of tools and techniques targeting your valuable digital assets.
How to build an effective vulnerability management programme
As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat
Double extortion ransomware will be a big theme in 2021
Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration
‘Batman Begins’ cyber attack is a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services
Credential stuffing: When DDoS isn’t DDoS
Ten years ago, credential stuffing attacks posed a comparatively minor threat, but with an escalating number of data breaches, the threat posed has now increased. What are the solutions to this very human problem?
SolarWinds cyber attack is ‘grave risk’ to global security
More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear
End of Emotet: A blow to cyber crime, but don’t drop your guard
The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact
2. Security strategy
Developing security strategies
Setting up a plan to protect and defend your infrastructure, devices and users requires a range of approaches, all of which could be enhanced by a more holistic, operation-centric view of threats.
Intelligent ways to tackle cyber attack
Artificial intelligence-powered security tools should enable IT security teams to achieve more with less
How to find the right zero trust strategy
Large tech companies and the US Federal Government have adopted zero trust as their next-generation security model
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising?
Automating IT security
IT security’s battle with the hacking community has always been a game of cat and mouse, but it’s becoming increasingly automated
SIEM or SOAR or both? Consider your business complexity first
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?
3. Security tactics
How security teams are tackling cyber threats
For security professionals, it’s a daily battle with their adversaries, requiring constant vigilance and excellent detection, defence, and response systems. The coronavirus pandemic also offers an opportunity to rethink your security tactics for the challenges of a post-Covid world.
There’s no going back to pre-pandemic security approaches
The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021
How Sega Europe slashed incident response times using cloud SIEM
Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service
Making the case for integrated risk management
Security experts discuss how an integrated approach to risk and governance can be effectively managed
Majority of security pros fed up with alert fatigue
A vast majority of security professionals say they experience alert fatigue, and 88% are facing challenges with their current SIEM setup, according to a report
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel
Protecting remote workers an opportunity to do security better
Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report