In a previous blog I reviewed the foundational use case for a TIP, which is threat intelligence management—the practice of aggregating, analyzing, enriching and de-duplicating internal and external threat data in order to understand threats to your environment and share that data with a range of systems and users. However, one of the unique benefits of the ThreatQ Platform and where organizations are deriving additional business value, is that it also allows you to address other use cases.
When developing business continuity plans, businesses should understand that they actually need two documents: an incident response plan and a disaster recovery plan. Having an incident response plan means your organization is prepared for possible information security incidents such as a data breach, a system outage, or a security breach.
Cyberattack is one of the common threats that modern businesses are facing today. Despite the growing threat landscape of cybersecurity attacks, many small and medium companies that experience data breaches and threats do not have adequate preparations. This includes prevention measures before the attack and incident response plans during/after the attack.
The SANS 2021 Automation and Integration Survey is now available for download, focusing on the question: First we walked, now we run – but should we? Let’s face it, we’ve talked about security automation for years. We’ve grappled with what, when and how to automate. We’ve debated the human vs machine topic.
On August 5, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) announced the standup of the Joint Cyber Defense Collaborative (JCDC) , a new agency effort to lead the development of cyber defense operations plans.
In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kesaya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs often ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” .
According to Research and Markets, the worldwide digital forensics market will expand at a compound annual growth rate of 13% through 2026. The rise of cybercrime is most certainly driving its growth — especially since digital forensics plays a critical role in mitigating cyberthreats in the modern security operations center (SOC).
Threat modeling is increasing in importance as a way to plan security in advance. Instead of merely reacting to threats and incidents, an organization can identify and evaluate its security posture, relevant threats, and gaps in defenses that may allow attacks to succeed. Threat modeling has a two-way relationship with incident response.