tThe critical challenges to information security
Data breaches constantly threaten enterprises today . And the risk continues to grow : the cost of breaches rose from US $ 3.62 to US $ 3.86 million , increasing by 6.4 % from last year . Time-to-compromise is now measured in minutes and data exfiltration happens in days .
Unable to quickly respond , organisations risk exposing valuable data and confidential information . The recovery process can be incredibly expensive and the damage to the business reputation incalculable .
Why does it take so long to identify and respond to threats ? Security and IT professionals point to one primary culprit : the disconnect between security and IT tools . Traditional approaches hamper efficient incidentresponse co-ordination across organisations :
• Numerous , disjointed tools cumulatively generate thousands of unprioritised alerts
• Lack of automation leads to hours wasted on manual processes
• Organisational opacity and difficulty tracking down the right contacts
• Multiple , unsecured data sets and security runbooks make it impossible to ensure everyone is on the same page
Beyond inefficiency , the manual processes associated with traditional security responses trigger other issues .
Spreadsheets quickly become out-of-date and emails frequently end up in the wrong inboxes . In both scenarios , defining and tracking performance metrics can be extremely difficult .
And all too often , these manual processes force highly trained employees to focus on low-level tasks , resulting in high turnover .
Comparing security response approaches : Traditional versus new
When a high-profile vulnerability arises , there are several ways an enterprise can react . Compare the response of an organisation using a traditional , disjointed approach with one using an integrated response platform .
Traditional approach
Once a threat is uncovered , the security team scrambles to address it . The CISO hears about it and wants to know if the organisation is affected . The team races to assess systems and determine who needs to approve any emergency patching .
Many processes are manual , so analysts struggle to quickly gather the information required to provide the CISO with an accurate assessment of the impact .
Manual co-ordination between teams can take days , leaving critical systems vulnerable and putting the business at risk of a data breach . p
LATEST INTELLIGENCE
IMPLEMENTING AGILE SECURITY RESPONSE
PRESENTED BY
www . intelligentcio . com INTELLIGENTCIO AFRICA 17