Staff time, log processing, and legacy issues can turn free, open-source or low-cost SIEMs into one of your organisation’s most expensive investments. You’re not alone if you’re baulking at the idea of paying upwards of tens of thousands of pounds for a new or renewed SIEM licence. Many security decision-makers feel the same way. One survey showed that almost half (40%) of existing SIEM users feel like they are overpaying for their SIEM.

MITRE ATT&CK Reconnaissance (TA0043) techniques section maps out how threat actors gather information about potential targets. Like other ATT&CK tactics (like initial access and lateral movement), reconnaissance provides useful threat intelligence on adversary tactics, techniques, and procedures (TTPs). It is a realistic approximation of what will happen if you become a target.

Why do 67% of SOC analysts feel like a new job or even a new career sounds like a good idea right now? The reason: alerts. Or, to be more specific, the fact that the time it takes for SOC analysts to deal with security alerts and tickets exceeds the amount of time they have available. The name for this phenomenon is alert fatigue.

How well do you sleep at night? Odds are you would sleep better if you could wake up to Zero Trust Architecture (ZTA). A true ZTA network makes incident response wake-up calls far less likely by shutting down data breaches, ransomware threats or any kind of unauthorised network access. It would also save your organisation at least £500,000 over a four-year period, making your security efforts much easier to advocate for. That’s the dream anyway.

Right now, organisations using AI cybersecurity tools like SenseOn can improve their cybersecurity in three core ways: But, in the future, one of the most significant benefits of AI will be its ability to protect organisations from….AI. To see why, let’s jump into a time machine.

If you are searching for ways to actualise benefits from cybersecurity AI tools or want to find out what AI tools will really make a difference in your SOC, you’re not alone. A World Economic Forum survey last year showed that almost half of all security leaders thought AI and machine learning would have the greatest influence on stopping cyber attacks and malware in the next two years. And that was before ChatGPT started an AI frenzy.

Lock the doors inside your home, hand out keys sparingly, then turn on an alarm in every room. Your house will get a lot more secure. However, it will also become unlivable. Tight security policies, access conditions, and subnetting configurations can take away risk but even mature Zero Trust Architecture (ZTA) environments must balance cybersecurity with usability.

“Just make us Zero Trust.” Hands up if you’ve ever heard some version of this statement. Gather ten cybersecurity pros in a room, and you’ll have ten frustrated people trying to implement Zero Trust Security Architecture (ZTA). Although boards and non-security executives often understand the ZTA security model at a high level and love the idea of an inherently secure network, security teams keep running into walls during implementation.

Bad news first. Implementing Zero Trust is more complex than using a particular service or a product. Although definitions vary, Zero Trust is an approach to network architecture that moves security closer to user actions and away from network assets. In a 100% Zero Trust environment, no user, process or application inside a network is trusted by default.

What size Zero Trust would you like? Zero Trust Architecture (ZTA), and cybersecurity in general, would be easier if you could walk into a Zero Trust shop instead of navigating a human and technological minefield featuring confused executives, reluctant employees, and a buzzword-heavy Zero Trust vendor landscape. The fact that “humans don’t work in a Zero Trust manner” will not change anytime soon, but technology is something in your control.