Like the video game industry, security has shifted toward unified platforms, and contextual threat intelligence is the cheat code SOC teams need to defeat the bosses standing in the way of security.
A fusion center uses a wider set of data sources, collects data from both inside and outside the organization, and delivers it to the right people to help them respond and recover more efficiently.
At RSAC 2019, Sridhar Muppidi and Devin Somppi implored vendors to "start looking at security as a team sport" and redouble their efforts to reduce complexity in their security architecture.
SIEM tools can help security operations center (SOC) teams detect threats, but what good is threat data without the context analysts need to quickly respond to incidents? That's where SOAR comes in.
To bridge the skills gap, increase efficiency and lighten the load of overwhelmed analysts, it's imperative to encourage knowledge sharing among your security operations center team.
By following the example of industry leaders with mature security analytics capabilities, less advanced organizations can improve SOC visibility and shift from reactive to proactive threat detection.
Strong collaboration between IT and OT is a critical step in improving the security of critical infrastructure systems.
Cybersecurity industry leaders should define a new threat intelligence model that is three-dimensional, nonlinear, rooted in elementary number theory and that applies vector calculus.
While many CISOs are tempted to invest in as many new technologies as they can find to fight emerging threats, less is more when it comes to minimizing cybersecurity complexity.
Standards, baselines and naming conventions can remove barriers to threat detection and response and help security teams build effective SIEM use cases.