Intelligent Tech Channels Issue 51 - Page 40

the most basic of threats that can easily be remediated via technology .
Third , look for technology solutions that leverage the expertise you already have . While context is key for understanding a single threat , it ’ s also valuable for cybersecurity teams who need to make decisions about which threats to prioritise .
Workflow prioritisation can help identify and remediate the most dangerous , timeconsuming threats instead of randomly remediating threats based on when they ’ re discovered .
All of this has culminated in a cybersecurity workforce that is stretched out , overburdened and burnt out .
Many solutions already exist that can provide this kind of automation , orchestration and context .
For example , if you are monitoring the DNS traffic of your network and your DNS Firewall blocks a request to a malicious site , solutions that can automatically trigger a response to the Network Access Control system to quarantine that user into a sandbox until it can be further researched by an analyst can dramatically reduce the time and effort needed to track down and isolate infected devices .
At the same time , systems that automatically send additional context about that user and the request ( Who is the user ? What kind of machine are they using ? Where was the request sent ?) to the analyst can give them a head start into researching and ultimately mitigating the threat .
Vulnerability scanners are also a point of note . Often , they only scan networks at a given interval ( once a day , week , or even month . Yes , monthly scans are a thing ).
Organisations can quickly , easily and automatically improve their security posture by scanning a device as soon as it
Malicious actors are not good sports , waiting for the cybersecurity community to transform itself before launching an attack .
connects to the network by leveraging an orchestration flow where the DHCP server automatically identifies the new machine and triggers the scan .
These and other technology solutions that leverage automation , context and the skills your team already has are not merely a bridge between now and a fully staffed cybersecurity industry of the future . They are a critical part of a robust cybersecurity platform today , one that both improves network security and extends the capabilities of the team you already have . •
40