Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today’s digital perimeters grant authorized users anytime/anywhere access to sensitive business data. Because of this, SaaS-heavy IT environments introduce a higher complexity to threat detection and response efforts. User activity on SaaS accounts can be quite varied, occurring on multiple endpoints and from a variety of locations. Businesses must distinguish between legitimate and potentially illicit user activity on busy networks.

Security Operations Centers (SOCs) are known as the “nerve center” of enterprise cybersecurity programs; others view them as “war rooms” or “situation rooms.” Regardless of the moniker, one thing is clear: their function is viewed as a critical competency.

Digital transformation is creating rapidly growing volumes of data, leading to new vulnerabilities and attack vectors. At the same time, adversaries are growing increasingly more sophisticated – consider the recent Capital One breach, or the Equifax breach. This combination of factors means SOCs are struggling to fulfill their critical mission of identifying and eliminating threats.

Endpoint detection and response solutions – EDR as it’s more commonly known – act as enterprise surveillance and thus deliver a rich dataset to security professionals. But as with all advances in security, this rich data wasn’t always available in a speedy and cost-effective way. Yet, as a security professional in today’s always-on world, one of your key responsibilities is to efficiently leverage incoming data from every endpoint across your organization.

Breaches aren’t easy to deal with, especially if you are of the opinion that companies are people too. Having seen, been part of, and lent a shoulder to many a breach, here are nine of the common ways companies respond to breaches.