Mitigate Advanced Cyberthreats with Threat Lifecycle Management

The latest threat management strategies combined with next-gen security operations centers reduce risk and effectively block sophisticated attacks.

Cyberbreaches are becoming ubiquitous:
76% of IT organizations say they’ve been compromised by cyberattacks.1
As the number of breaches grows, their economic consequences rise:
$7.7 million is the average cost of attacks to compromised organizations.2
The bottom line: Modern security strategies must keep pace with sophisticated hackers. The traditional mantra remains:
• Protect
• Defend
• Respond
But organizations must do more.

New Best Practice No. 1
Adopt a model for full threat lifecycle management. This includes the following:

Forensic Data Collection
Collect essential data, including information from event logs and forensic sensors. Threats target all aspects of the IT infrastructure, so the more you can see, the more you can detect.

Discover
Analyze data for anomalies. The traditional way to do this is search analytics, but that’s people-intensive. Consider automated machine analytics, which relies heavily on software.

Qualify
Assess the potential impact of discovered threats to the business and the urgency of response efforts. Reduce false positives with tools designed to identify them quickly and accurately.

Investigate
Fully investigate qualified threats to confirm whether a security incident has occurred or is in progress.

Neutralize
Reduce response times with updated incident-response processes and playbooks coupled with automation.

Recover
Leverage threat intelligence to detect if the threat returns or has left a back door. Apply lessons learned to bolster defenses.

New Best Practice No. 2
Create a next-generation security operations center. This is a systematic approach for optimizing people, technology, and processes to most effectively protect the confidentiality, integrity, and availability of information systems and assets.3

The main pillars of a next-gen SecOps center:
• Thoroughly scoped
• Resilient by design
• Automated to streamline
• Intelligence-driven
• Continuous learning

The Payoff
1. Faster detection and response reduce risk.
2. Early neutralization stops cyber incidents and data breaches.

Get details about implementing threat lifecycle management and building a next-generation security operations center.

1. CyberEdge Group, LLC. “2016 Cyberthreat Defense Report.” 2016.
2. Ponemon Institute. “2015 Cost of Cyber Crime Study: Global.” Sponsored by Hewlett Packard Enterprise. October 2015.
3. Roselle Safran in webcast “Building and Instrumenting the Next-Generation Security Operations Center.” Dark Reading. Sponsored by LogRhythm. 2016.