As people start coming back to the office after working from home exclusively for two years, a hybrid work model will pose a series of challenges for security teams. One of these challenges involves reminding and reeducating workers about security best practices after two years of working remotely and using decentralized services.
Last December, ThreatQuotient announced it had achieved SOC 2 Type II compliance for the ThreatQ Platform. The milestone is significant because it demonstrates third-party validation that ThreatQuotient continues to meet and exceed industry security standards, previously verified by Type I.
You don’t have to look far for proof that cybercrime is soaring to new heights. Early in the pandemic the U.N. reported cybercrime had increased 600% and other experts estimate damages from global cybercrime to reach $10.5 trillion annually by 2025, up from $3 trillion in 2015. Last year alone, we started 2021 in the fog of the SolarWinds attack and finished with the infamous Log4j vulnerabilities, the full impact of which will take years to understand.
Ransomware attacks on Colonial Pipeline, JBS Foods and Kronos are just a few recent examples in the rise of cyber-physical attacks that disrupt lives of individuals and have the potential to cause physical harm. This concerning trend is capturing the attention of organizations worldwide, with Gartner predicting that 75% of CEOs will be personally liable for cyber-physical security incidents by 2024.
The “Tinder Swindler” is an extreme example of how online scammers can mask their identity, charm their victims and bilk them of millions of dollars, but the point is made. Whether you’re looking for love this Valentine’s Day or wanting to show your loved ones how much you appreciate them, beware of online scams. Some of the latest involve gift cards, where scammers who have honed their craft and done their homework about you, ask for payment in the form of gift cards.
The security operations center (SOC) has been on the front line facing the pandemic-induced escalation of cybersecurity threats in the past eighteen months. A 2020 study by Forrester found that the average security operations team receives more than 11,000 alerts per day and that figure is likely to have grown in the intervening period. While they were deeply engaged responding to the crisis, SOC teams were simultaneously facing the disruption common to all formerly office-based workers.
The discipline of threat intelligence began to be incorporated in cyber defense processes within private sector companies nearly a decade ago. Over the past few years, more and more organizations began to establish their own threat intelligence operations, building Security Operations Centers (SOCs), incident response (IR) capabilities and threat intelligence teams.
In my first blog in this three-part series, we discussed the importance of data to the modern SOC, and the unique approach of ThreatQ DataLinq Engine to connect the dots across all data sources, tools and teams to accelerate detection, investigation and response.
In my first blog in this series, we discussed the importance of data to the modern SOC, and the unique approach of ThreatQ DataLinq Engine to connect the dots across all data sources, tools and teams to accelerate detection, investigation and response. We developed the DataLinq Engine with the specific goal of optimizing the process of making sense out of data in order to reduce the unnecessary volume and resulting burden.
Evidence continues to mount that it isn’t a matter of if, but when and how an organization will be attacked. So, we are seeing Security Operations Centers (SOCs) narrow the focus of their mission to become detection and response organizations. As they look to address additional use cases, including threat detection and monitoring, investigation, incident response and hunting, data becomes incredibly more important.
