In-house SOCs hidden costs and considerations

Security Operations Centres (SOCs) have an important role to play in the large enterprise. But for mid-to-large enterprises, an in-house SOC may come with more cons than pros. “Not all organisations need to build their own SOC, and doing so could incur unexpected costs and risk exposure,” notes Martin Potgieter, co-founder & Technical Director at Nclose. …

The DNA of cybersecurity failure

Cybersecurity has become one of the most important aspects determining the safety of companies, governments and individuals in the modern age. Headline-grabbing examples of major cybersecurity breaches have become increasingly commonplace, from the Sony Pictures hack in 2014 that points to a hostile foreign government to the exposure of as many as 110 million Target customers’ credit card details due to sophisticated hacking techniques and inadequate response capabilities – not to forget on-going allegations and…

For cybersecurity success, double-down on developing better detectors

The basis of threat detection in security operations centres over the past decade has predominantly relied on rules, commonly defined by SIEM vendors. These “rules” (also called alarms, alerts or use cases depending on the SIEM vendor, or, as we prefer to call them, “detectors”) then generate alerts that tell analysts that there is a potential threat and help to produce data that can unearth trends in what types of attacks are common at any given…

Modern KPIs for effective cybersecurity

Faced with increasingly frequent and sophisticated cyber-attacks, enterprises are scrambling to put technologies and processes in place to effectively detect and combat cyber risks. Research by Symantec found that ransomware attacks increased by 36% in 2017 following the introduction of more than 100 new malware families. In its annual Data Breach Year-End Review, the Identity Theft Resource…