Combined security practices that change the game for risk management

05 February 2024

Risk management

A significant challenge in cybersecurity at the moment is that there are many risk management platforms available on the market, but only a few manage cyber risks very effectively. Most will shout warnings at the customer as risks become apparent, causing great stress in the process. The problem is that, with a reactive rather than proactive approach, many risks sit dormant until an emergency occurs.

“Having covered SOC operations for more than a decade, I have noticed that nearly 60% of SOC incidents are repeat findings that keep resurfacing due to unmitigated underlying risks. Here the actors may be different, but the risk is essentially the same. This is causing significant alertness fatigue.” – Deodatta Wandhekar, Head of Global SOC, SecurityHQ.

Combination of frameworks and best practices

These risks can be prevented. A platform that combines best practices from multiple frameworks is the solution to address this problem.

What is NIST?

The National Institute of Standards and Technology (NIST) plays a central role in providing companies with the opportunity to develop a comprehensive approach to cybersecurity to prevent or reduce the impact of cyber attacks. NIST provides a comprehensive, structured approach to effectively assess, manage, and mitigate cybersecurity risks.

Read “Building a Resilient Digital Future: NIST’s Impact on Cybersecurity” for more details on NIST facilities.

What is MITRE?

The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework is a knowledge base of adversarial tactics, techniques, and procedures (TTPs). These TTPs are based on real-world observations of numerous threat actors and have been made accessible globally as a basis for threat models and methodologies. MITRE has a “mission to solve problems for a safer world by bringing communities together to develop more effective security.”

Read “How the MITRE ATT&CK Framework Revolutionized Cybersecurity” to learn more about MITRE practices.

What is the NCSC?

The National Center for Cyber Security (NCSC) combines the expertise of CESG (the information assurance branch of GCHQ), the Center for Cyber Assessment, CERT-UK and the Center for National Infrastructure Protection (National Infrastructure Protection for safety, NPSA). It is a London-based organization with the aim of making the UK a safer place online. They work collaboratively with other law enforcement, defense, intelligence and security agencies and international partners to ensure their data is as accurate and usable as possible.

Risk intelligence combined with the SHQ response platform

SecurityHQ’s SHQ Response Platform began as a sophisticated cyber incident response solution designed for rapid detection, analysis and mitigation of security threats. It has since evolved significantly, so much so that, according to a recent press release, “SecurityHQ has combined its intellectual property and knowledge of risk mitigation and cybersecurity, merging it with several industry-recognized sources, including NIST, NCSC and MITRE to provide action on how to identify, map and escalate risks.”

‘The SHQ response platform will help reduce this alert stress by focusing on joint risk mitigation. Not only that, it will be critical to translate a simple line risk statement into an actionable mitigation plan. The SHQ Response platform makes risk creation a very simple process by providing the user with a library of tightly linked threat events, impacts and controls by leveraging the industry-standard knowledge base of NIST, MITRE and NVD.’ – Deodatta Wandhekar, Head of Global SOC, Security

  1. Calculate the impact of security threats on your business.
  2. Calculate the probability that the risks will occur.
  3. Identify different tactics and techniques.
  4. Know how to mitigate risks.
  5. Access everything from one single point platform.

What to do next

Orchestrate and enable collaboration, prioritize incidents, visualize risks, and enhance integration with incident response.

Calculate the impact of security threats and the likelihood of risks occurring and highlight how best to mitigate these risks with risk management.

No matter how great the capability of a tool, remember that a tool is only as good as the experts who operate/control it. To get the full benefits of SHQ Response, you need a team of experts who can analyze and act on data and mitigate risks. To find out more about risk management, contact the team here.

Note: This article was expertly written by Eleanor Barlow, Content Manager at SecurityHQ.
