visibility

Defining Business-Driven Security™ for the Modern Enterprise

As I travel around the world and meet with CISOs and security teams, I continue to be amazed at the organizational disconnects around managing cyber risk. Security Operations and Identity & Access Management teams operate their own business processes with very few connection points. Security and Risk & Compliance teams have different world views of…

A New Cyber Mission Force

The context is something that could radically turn a bad event to something manageable or even interesting. If we consider how much the threat landscape changed, as did the context where security operates, we realize we are facing one of the most complex and articulated wars of the century – the Cyber War. As stated…

Operational Forensics and Visibility: It’s About Time

The information security community is well aware of the current state of play between attackers and defenders. Attackers are quick to gain access to enterprise systems and quick to start getting enterprise data out, whereas defenders have been painfully slow to detect threats, then respond and recover. The fact-based analysis and insights that are now…

Threat Detection Benchmark Part 1: Uncovering Threat Vectors

When it comes to securing modern IT environments, your strategy hinges on your ability to detect threats. Unfortunately, organizations often rely on only a few sources of threat detection data to provide a foundation for their security strategy, which leads to inadequate visibility and, in turn, greater risk. In Part 1 of this threat detection…

Ramping Up Security Monitoring of Public Clouds

It is no secret that organizations are increasingly placing their security sensitive applications and data into the hands of public cloud service providers, whether via SaaS, PaaS, or IaaS-based cloud infrastructures. But what does this mean for an organization’s security monitoring program, namely their security focused detection, investigation, & response capabilities?  How can an organization’s…