Why have cyber incidents topped the Allianz Risk Barometer for the last two years in a row? Growing attack surfaces are partly responsible. Remote work, cloud migration, IoT use and other trends give cyber threats more places to enter and hide within networks. But there is another cause – deficiencies in the standard approach to threat detection and response.

Is this suspicious network activity alert actually a sign of intrusion, or just another false positive? As the cybersecurity visibility gap widens, anyone who works in a security operations centre (SOC) is likely to ask themselves and their colleagues this question on a regular basis. Unfortunately, as analysts know, answering it is rarely straightforward.

Security information and event management (SIEM) solutions like Microsoft Sentinel SIEM are at the heart of most security operations teams. But like any SIEM, while Microsoft Sentinel can be an incredible tool for centralising security data, it also risks being expensive and ineffective. In a recent webinar I discuss these problems and how SenseOn can help supercharge Azure Sentinel. You can now watch this webinar anytime online.

Security information and event management (SIEM) tools do a huge amount of security heavy lifting. A central record of millions of events, security operation centres (SOCs) rely on SIEMs for everything from compliance to threat detection and response. But as anyone who has ever worked in a SOC will testify, SIEMs have blindspots and problems—lots of them (Read our Head of Technology, Brad Freeman’s account of using a SIEM).

SenseOn helps organisations improve their security posture and provides the technical capability to meet many of the requirements of common cybersecurity standards. Globally, we have customers who have achieved compliance with ISO 27001, PCI DSS, SOC 2, CIS Top 18, HIPAA, GDPR, and more. This article addresses the most common standards and highlights how SenseOn can help.

Remote workforces need network detection and response tools (NDR), but deploying an NDR that works with remote and hybrid environments is another story. Most NDRs are designed for on-premises networks. Unfortunately, that couldn’t be further from what the typical modern environment looks like.

If you are wondering whether your firm needs network detection and response (NDR), ask yourself this question: How often did your team come into the office in the last week? Probably more than they did last year, but almost certainly daily. This is what work now looks like for most people. And if this describes your organisation, you need an extra layer of defence inside your network perimeter. To see why, just look at what has happened to the network perimeter itself.

Getting the benefits of AI threat detection tools is becoming less of an option for security operation centres (SOCs). Last year, the UK experienced more cyber attacks than any other country in Europe. According to IBM’s X-Force Threat Intelligence Index report, nearly half (43%) of all cyber attacks in Europe targeted UK-based organisations.