One of the questions customers continually ask is what technology or technologies should be on their radar. While this is a loaded question, listed below are two technologies that will provide a starting point for you to see how these could benefit your organization.
1. XDR (Extended Detection and Response)
Gartner defines XDR as “a SaaS-based, vendor-specific, security threat detection and incident response tool that natively integrates multiple security products into a cohesive security operations system that unifies all licensed components.” Most organizations have many point products to address different security concerns that are not integrated with each other. This lack of integration causes more work for the security operations center (SOC) analysts trying to make sense of all the data. They are working with multiple tools to view the data and then they need to use manual methods to try and correlate the data between the different systems.
The goal of XDR is to unify all security data into a synergistic system. The XDR platform will ingest all the logs from multiple security products into a platform that will correlate and normalize the data. Data may include logs from security incident & event management (SIEM) solution, multi-factor authentication (MFA) solution, Secure Email Gateway, endpoint detection & response (EDR) platform, and other products. The correlation of data is performed with the help of Artificial Intelligence (AI) and machine learning. This allows the XDR platform to operate more efficiently and effectively than using human analysis alone.
Each XDR vendor may have their own implementation and thoughts on what XDR means even if they are working off the same definition, so it is important to understand how each vendor tackles the XDR task.
At a minimum you need to ensure that an XDR solution can provide you with the following.
2. Cyber Risk Management Platforms
Most companies have a Cyber Security Program that incorporates risk management with updated platforms making the process easier and providing business context to help with decision making. Traditional approaches still use spreadsheets to track program implementation against various frameworks, and compliance, which is very time consuming and static. Many programs are still fragmented in terms of full participation from key stake holders. You consistently see Cyber Security Team responsible for all things Cyber; however, if they do not have input regarding what they need and why, they cannot address issues.
Utilizing Cyber Risk Management Platforms helps provide the context needed for business decision makers to see the value and the need for cyber security investments. It helps with the communication gap between different departments while driving accountability. These platforms provide business-related benchmarking. For instance, your overall Cyber Security Maturity may be a 3.1 on a scale of 1 to 5 while the average in that industry is a 3.0. This provides context to upper management in terms of how the organization stacks up against peers, while providing the ability to do assessments based on future changes. For example, if your company is in the process of acquiring another company, you may want to see how this acquisition will affect your Cyber Security Maturity. You may enter the data and based on certain metrics; your maturity score will change which will help you decide if certain actions need to be taken prior to the acquisition.
Here are some of the benefits of a Cyber Risk Management Platform.
If you’re looking for answers on future technologies or current ones, consider SilverSky. We help you overcome your complex security challenges – and make cybersecurity simple, affordable, and accessible. Learn more.