Cyberattacks can happen anywhere and at any time. IBM Security recently made a giant leap toward leveling the playing field with its new Cyber Tactical Operations Center (C-TOC), a fully mobile cyberthreat training simulator modeled after the tactical and incident command centers used by the military and first responders.
On today’s podcast, IBM X-Force Threat Intelligence Global Partner and Director Wendi Whitmore details the critical roles of the C-TOC and IBM X-Force Incident Response and Intelligence Services (IRIS) in helping companies improve incident response (IR) and remediation.
Improving Network and Endpoint Security on the Road
As Whitmore notes, X-Force IRIS drives improved network security by combining large-volume attack analysis with technical deep-dives to discover who’s responsible for an incident and what specific actions they’ve taken to compromise security controls. IBM Command Centers in Cambridge, Massachusetts, and Atlanta, Georgia, as well as the new mobile C-TOC, offer a fully immersive way to get all stakeholders involved in the IR process.
For example, what happens if your CEO is contacted by journalists after a cyberattack? What do legal teams need to know about cyberthreat response? These aren’t idle questions: X-Force IRIS data makes it clear that organizations now face more threats at higher volumes than ever before, and must be prepared to detect these threats across endpoints and networks. And the challenges don’t stop there. Organizations must also stand ready for public response — and public perception — around cyberthreat incidents.
Stay One Step Ahead of Attackers With Cyberthreat Training
Whitmore’s best advice for organizations is to make sure you’ve got an IR plan in place — 50 percent of companies still don’t — and to test that plan on a set schedule. It’s important to test your response plan regularly because you’ll often discover something new each time, such as a vulnerability you hadn’t noticed, a piece of technology that opens potential network gaps or user behavior that puts critical data at risk.
Whitmore also advocates for retainers. Instead of consulting experts after a cyberattack occurs — when the world is watching — information security retainers can provide on-demand advice to help mitigate incident impact or entirely avoid potential threats.
The bottom line is that incident response is becoming more critical than ever, especially with the public keeping an eye on companies as they look to mitigate damage and identify attackers. Cyberthreat training and expert analysis can provide the ideal ground to help IT professionals and C-suite executives alike stay one step ahead of threat actors.
If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on iTunes or wherever you listen.