For cybersecurity success, double-down on developing better detectors

The basis of threat detection in security operations centres over the past decade has predominantly relied on rules, commonly defined by SIEM vendors. These “rules” (also called alarms, alerts or use cases depending on the SIEM vendor, or as we prefer to call them “detectors”) then generate alerts that tell analysts that there is a potential threat and helps to produce data that can unearth trends in what types of attacks are common at any given…

Modern KPIs for effective cybersecurity

Faced with increasingly frequent and sophisticated cyber-attacks, enterprises are scrambling to put technologies and processes in place to effectively detect and combat cyber risks. Research by Symantec found that ransomware attacks increased by 36% in 2017 following the introduction of more than 100 new malware families. In its annual Data Breach Year-End Review, the Identity Theft Resource…