The cybersecurity industry has talked about security automation for years. We’ve grappled with what, when and how to automate. We’ve debated the human vs machine topic. And when we’ve been burned by machines quarantining a system or blocking a port on a firewall in error, we’ve wondered if there’s any place at all for automation. But deep down we know that automation is the future, and the future is here.
As a CIO, you know that your business faces cyber threats daily. While you may have robust security measures in place, it's impossible to protect your organization from every possible attack. That's where cyber threat intelligence comes in. By incorporating this valuable resource into your security strategy, you can dramatically reduce your risk of a breach.
If you work in an organization, you’ve probably had to take a cybersecurity training course at some point during your time there. Regardless of whether you work in cybersecurity or not, most of us breeze through the slides or videos, halfway listening to the warnings about spear phishing emails and hacking tactics. We complete the training and then we tuck away the lessons learned until the next year when we have to do it all again.
Recently, ThreatQuotient hosted an interactive discussion regarding security orchestration and cyber security automation adoption – what it is, what it’s meant to do, and why it can present a challenge for security teams to set up and maintain. What we heard from attendees was that the most common issues preventing them from integrating some form of security automation into their internal processes are the necessary time and resources.
In the past year, research indicates that nearly a third of organizations have accelerated their plans to automate key security and IR processes, while another 85% plan on automating them in the next 12 months. Despite the positivity of these statistics, many organizations struggle to change to a more automated process. This was highlighted at a recent webinar we held with a panel of senior cybersecurity experts from a multitude of sectors.
“Safe travels!” It’s been a long time since most of us have uttered that phrase. Now we’re saying it with increasing regularity as family members, friends and colleagues are traveling again with greater ease and confidence. I’d like to suggest that when those of us in the security industry wish someone a safe trip, we use the opportunity to remind them of the increased cybersecurity risk they now face and share our expertise for how to protect themselves.
The threat landscape means the entire scope of potential and recognized cybersecurity threats affecting user groups, organizations, specific industries, or a particular time. As new cyber threats emerge daily, the threat landscape changes accordingly.
In previous blog posts we’ve discussed the value of a data-driven approach to security operations. In this post, we’d like to reflect and take a closer look at what that approach means to the automation of SOC (Security Operations Center) workflows and how it has influenced the product and design decisions of ThreatQ and ThreatQ TDR Orchestrator.
We are excited to announce Quadrant Knowledge Solutions has named CrowdStrike as a 2022 technology leader in the SPARK Matrix analysis of the global Digital Threat Intelligence Management market. Among all 28 vendors in the report, CrowdStrike received the highest score in the Technology Excellence category. The SPARK Matrix evaluates top vendors in the Digital Threat Intelligence Management space on a variety of criteria and groups them into Leaders, Challengers and Aspirants.
