sb-au logo
Story image

The definitive guide to identifying, qualifying, and responding to cyber threats

22 Nov 2017

As the chief security officer (CSO) of an organisation, the odds can often feel like they’re stacked against you.

With new ransomware, phishing, and other threats being reported every day, it can get overwhelming trying to keep your organisation safe.

In order to minimise risk, organisations need to have a cybersecurity strategy that combines comprehensive visibility, continuous monitoring, advanced analytics and efficient incident response orchestration.

This will ensure they’re well-positioned to identify and respond to the early indicators of an intruder and neutralise the threat before it can result in a material cyber incident.

When putting a strategy together, it’s difficult to know whether to commit to prevention or detection.

Karen Scarfone and Steve Piper’s e-book, the Definitive guide to security intelligence and analytics, recommends a balanced approach utilising both.

Scarfone and Piper say using preventive controls will stop less-skilled attackers, which reduces the noise and using detective controls will expedite identification of advanced attackers, preventing them from inflicting major data breaches and causing other significant damage.

Most importantly, CSOs need a robust security intelligence and analytics platform to help them make sense of the information and be able to action it quickly.

The e-book by Scarfone and Piper covers key points for CSOs like

  • Understanding a cyber attack life cycle
  • Gathering forensic data for managing cyber threats
  • Qualifying threat intelligence
  • Scoping, designing, and deploying a security intelligence and analytics platform.
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Link image
Phishing campaigns aren't stopping - but neither are their opponents
COVID-19 is presenting the perfect opportunity to cyber attackers to mount potentially devastating spear-phishing campaigns against organisations via their remote workers. Learn how to fight back.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Link image
How a metrics-driven mindset can enable DevOps at enterprise scale
Here's how to enable dev teams to deploy higher-quality software and create reporting standards that clearly communicate software performance.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More