ISC Security Events’ Post

"According to ESG research, 45% of cybersecurity professionals believe that security operations are more difficult today than they were two years ago, while another 11% claim that things are about the same." Honestly, I'm shocked that only 45% find it more difficult today. Between the growing attack surface and the continuously evolving threat landscape, how can it not be more difficult?? Security is, and will always be, one of the most fluid and complex parts of the network. Approaching it from a "collective defense" standpoint may indeed be the answer...... for now. https://lnkd.in/gmQ_3wNx

Uncertainty in security operations has never been higher. With a major portion of SIEM deployments changing ownership and, in some cases, forcing migration, security leaders are scrambling to evaluate their options. In this environment, flexibility becomes a tremendous asset. How easy is it for your SOC to compare performance between alternatives? How will compliance requirements for historical retention be satisfied during a transition? The answer depends on your level of lock-in. Security organizations that own their data in a standard format with detection logic in a standard query language are best positioned to weather this storm. The winds of change that began with Splunk selling to Cisco and reached hurricane speeds with Exabeam and Qradar quitting the market in one day will rage on for years. There are just too many questions to answer around XDR, AI, and other early SOC trends, for things to settle down any time soon. The best approach, I believe, is to minimize your lock-in with any security vendor. This might not be an option for early-stage security organizations but don’t assume that only the largest SOCs can own their destiny. The past few years have seen dramatic democratization of security data lakes and an open ecosystem of security products that can plug into your data with standard formats, languages, and integrations. As a result, you can make SIEM lock-in reduction a priority for 2024. If you do, please reach out to strategize on an approach that won’t disrupt your existing processes.

The need for advanced, intelligent security solutions has never been greater than in today’s rapidly evolving security landscape. Discover how Symphia is guiding organizations into the future in our most recent blog. #intelligentsecurity https://hubs.li/Q02lQ7930

In cybersecurity, every second counts. ⏱️ Discover how AHEAD leveraged Elastic Security to achieve a 92% automated resolution rate, reduce false positives and triage time, and maintain an industry-leading #MTTR of 6.9 minutes. https://lnkd.in/e2tTCDdf

In cybersecurity, every second counts. ⏱️ Discover how AHEAD leveraged Elastic Security to achieve a 92% automated resolution rate, reduce false positives and triage time, and maintain an industry-leading #MTTR of 6.9 minutes. https://lnkd.in/e2tTCDdf

Jon Olstick has written a great piece on the direction we, as a cyber security industry, are heading....give it a quick read. "Architectural Security" is, to be honest, what me and folks like me have been barking about for years. -That there is no single vendor who has every solution. -That line of sight is as important as security tooling. -That basic endpoint hardening is worth 1000 times a sexy, popular EDR client...doubly so for infrastructure hardening. -That adherence to a framework is always going to keep your security maturation on track, and having none is almost like flying blind. -That open standards are going to establish their security value while proprietary components will prove to be a liability. We at NCC are already on top of delivering managed security services with every one of these points in mind, and building actively in this direction. Shoot me a DM if your org is looking to stay on ahead of these evolutions in design. #cybersecurity #securityarchitect #itsurfwatch https://lnkd.in/eCU8pXRW

In cybersecurity, every second counts. ⏱️ Discover how AHEAD leveraged Elastic Security to achieve a 92% automated resolution rate, reduce false positives and triage time, and maintain an industry-leading #MTTR of 6.9 minutes. https://lnkd.in/e2tTCDdf

In cybersecurity, every second counts. ⏱️ Discover how AHEAD leveraged Elastic Security to achieve a 92% automated resolution rate, reduce false positives and triage time, and maintain an industry-leading #MTTR of 6.9 minutes. https://lnkd.in/e2tTCDdf

In cybersecurity, every second counts. ⏱️ Discover how AHEAD leveraged Elastic Security to achieve a 92% automated resolution rate, reduce false positives and triage time, and maintain an industry-leading #MTTR of 6.9 minutes. https://lnkd.in/e2tTCDdf

In cybersecurity, every second counts. ⏱️ Discover how AHEAD leveraged Elastic Security to achieve a 92% automated resolution rate, reduce false positives and triage time, and maintain an industry-leading #MTTR of 6.9 minutes. https://lnkd.in/e2tTCDdf