The new SANS 2021 Report: Top Skills Analysts Need to Master analyzes the need for organizations to invest in improving their security operations and identifies the skills analysts must master to support this initiative. Characterizing an analyst as essentially an investigator, the SANS report breaks the investigative process down into two primary areas: Investigative Tasks and Investigative Thinking.
As organizations continue to evolve their security operations maturity and the SOC increasingly focuses on detection and response, three capabilities are foundational for success – threat intelligence, integration and automation. In a recent webinar, “Evolution of CTI – Use Case in a Modern SOC,” ThreatQuotient’s Yann Le Borgne, together with Ben van Ditmars of Atos and Martin Ohl from McAfee tackle this topic.
We all know the security industry mantra: it’s not a matter of if, but when and how we’ll be attacked. Recent reports of intrusion activity increasing fourfold in the last two years and a raft of alerts warning of a rise in attacks on schools, hospitals and healthcare providers, and critical infrastructure companies during the global pandemic have only reinforced this.
On the heels of announcing the closing of $22.5 million in new financing as a result of strong performance in 2020, I’m proud of our team’s latest innovation that we’re announcing today, ThreatQ TDR Orchestrator is a new data-driven approach to SOAR and XDR that accelerates threat detection and response across disparate systems for more efficient and effective security operations.
The investment in security operations is at an all-time high. AustCyber’s ‘Australia’s Cyber Security Sector Competitiveness Plan’ shows spend on security operations makes up more than 40% of all cybersecurity spend ($1.58B in 2018), with cyber spending growth outpacing IT spending growth by nearly two to one.
After a year full of unknowns and new normals, knowledge is power. The spike in cyber breaches in the past year, compounded by COVID-related attacks, has only increased the importance of cyber threat intelligence (CTI). The 2021 SANS Cyber Threat Intelligence survey, sponsored by ThreatQuotient, explores the state of play in the global use of CTI and outlines why the difficulties of the past year have contributed to the continued growth and maturity of CTI.