Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 6 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Getting your company out of a crisis situation

by The Gurus
May 15, 2018
in This Week's Gurus
malware
Share on FacebookShare on Twitter

Why situation rooms hold the key to dealing with a data breach

 

You can imagine a scene in an action movie where the president is briefed on an ongoing incident, surrounded by generals, and chiefs of staff. Each in turn describe parts of the event, while the president asks questions and directs actions until the incident is over or a decisive move is made to combat the foe. What you can picture is called a situation room.

 

In fact, the situation room is based in reality. Being created in 1961, such a room brings together the right people and information to allow White House staff to be appraised of significant events. Wouldn’t it be a good idea if something similar was available when an organisation is suffering from a security breach?

 

Getting the right data together

 

Cybersecurity is all about quicker detection of a security breach. The industry is moving toward reducing MTTD (mean time to detection) and MTTR (mean time to respond) through automation. However, being fastest isn’t the be-all and end-all. When a security breach occurs, the right response to a data breach is far better than a rushed response. With an instant response, there is a lot of chaos and not much time to digest every piece of information. They can also be myopic by not taking into account what else is going on.

 

There are millions of data points that can be ingested by modern security systems but working through what information is relevant and what response is appropriate can take time. Many security analysts may work on different data points to understand their part. But that can be a minor part, and not that helpful if studied out of context with the larger issue at hand. A narrow view will miss a common thread running through these data points.

 

Responding quicker means the need for collaboration has never been greater.

 

Getting the right people together

 

Breaking analysts out of their respective silos is the key to decreasing response times. The common siloed approach to dealing with breaches means an inability to share intelligence and makes things generally much less efficient than they could be. Collaboration is the way forward in many spheres of an organisation’s life in order to meet business goals and drive growth. Cybersecurity is no different. Getting the relevant people together when a cyber-attack happens is crucial to how successfully that attack is dealt with. It is not just a case of having the right people in the room or on a conference call. That in itself helps a great deal, but all participants need to get an idea of what the problem is, where the evidence is, what is being done, and by whom.

 

Seeing the bigger picture

 

The good news is that here at ThreatQuotient we have just launched such a platform to enable the relevant people to see what is going on and make the right decisions, faster. ThreatQ Investigations is a platform that helps to enable responses to be determined and acted upon faster than previously done. It allows a visual representation of different components of a cyber attack to be easily digested by users and makes the situation easier to work through, the equivalent of your very own situation room.

 

It helps an organisation focus on various aspects of an investigation without being inundated with lots of detail. Users can pivot through vast amounts of data to strengthen detection. The platform can overlay threat data with who is working on what. This can then build up relationships between data points in order to create vital intelligence. With the threat detected and analysed correctly, security teams can then assign the relevant members to investigate and work on different parts of the analysis. They can be assigned tasks and deadlines to accelerate security operations.

 

All this can feed information back into the platform to enable the right responses to be determined and acted upon faster than previously possible.

 

Having such a platform in place is a very powerful way to give teams full and real-time visibility and interaction on an investigation they are working on. This means organisations can collaborate and coordinate actions that will decrease both mean time to detection and also mean time to respond. The right response is better than a quick response, but the right response carried out faster than ever before is even better.

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweetShare
Previous Post

Getting smarter about protecting healthcare systems from cyberattacks in 2018

Next Post

DDoS Attacks Leverage UPnP Protocol to Avoid Mitigation

Recent News

Phone with app store open

$400,000 Fine for Stalkerware App Developer

February 6, 2023
london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information