Managing the Risk of Cancer in Security

Recently, a friend brought up the term Carcinization and I had to look it up. It turns out that this term was created more than a century ago to explain the process of crustaceans transforming into crab-like forms. What does this example of convergent evolution have to do with security? It is a great analogy for how the security industry has evolved and why security leaders often have difficulty deciding which security investments are best for their organization. Initially, security was composed of a series of point products to address particular issues. Companies used endpoint antivirus, firewalls, IPS/IDS, and routers to protect themselves. Later, email and web security tools were added, as well as SIEMs and other tools such as ticketing systems, log management repositories, and case management systems to store internal threat and event data. Endpoint detection and response tools were then introduced and this marked the beginning of the next phase in the industry's evolution. This is when the traditional boundaries between endpoint and network security technologies started to break down and product categories were no longer clearly defined. When the concept of extended detection and response was introduced a couple of years ago, industry analysts had different, but overlapping, definitions of it. Some said XDR is EDR+ while others said XDR is not a solution, but an approach or an architecture. Now the industry is discussing threat detection, investigation, and response platforms and depending on who you ask about the difference with XDR, you will get a different answer. Some say XDR is an overarching architecture and TDIR is the platform that integrates all the capabilities required for XDR. Others say TDIR is a process. Another group says they are the same. This variety of perspectives as related security concepts take on similar characteristics creates a lot of confusion for security teams trying to evaluate and purchase security technologies to strengthen their organization's security posture. At a time when the market should be maturing and moving security forward, these discrepancies prevent that from happening. So, how can security teams make sense of all this? In the carcinization of security, where everything starts to look and sound the same, it is essential to focus first on use cases. To do this, start with what you are trying to accomplish, the associated workflows, and the people, processes, and technology required. From there, you can look at where the gaps exist and where to invest to achieve your goals. Sometimes you may need a specific technology for a specific use case. Or, ideally, you find a platform that can handle multiple use cases security professionals are focused on today as security operations centers mature. These include spear phishing, threat hunting, alert triage, vulnerability prioritization, and incident response. For each of these use cases, context is critical to understand the who, what, where, when, why, and how of an attack. With a security operations platform that can aggregate and correlate internal threat and event data with external data on indicators, adversaries, and their methods, you can analyze multisource data and understand relevance to your environment based on parameters you set. Once you have the right data and context, you can pivot around a specific piece of data to understand and act. You can parse and analyze spear phish emails for prevention and response, prioritize alerts for triage, identify vulnerabilities to patch first, and accelerate threat hunting. Integration with the right tools allows you to send data back out across your defense grid to accelerate incident response, including blocking threats, updating policies, and arming the organization against the next wave of attacks. The truth is, the walls established to separate product categories should have been challenged sooner for the benefit of security. Organizations considering the latest acronym or spurred by the latest attack may have selected a different, more effective tool or platform depending on their goals, internal resources, and capabilities. When everything starts to look like a crab and walk like a crab, we can't rely on labels. We need to look at use cases, desired outcomes, and the best path to get us there.

This Cyber News was published on www.securityweek.com. Publication date: Thu, 02 Feb 2023 14:41:03 +0000


Cyber News related to Managing the Risk of Cancer in Security

16 top ERM software vendors to consider in 2024 - Enterprise risk management software helps organizations identify, mitigate and remediate business risks, which can lead to improved business performance. The risk management market is rapidly evolving from separate tools across different risk domains ...
8 months ago Techtarget.com
Seattle cancer center confirms cyberattack after ransomware gang threats - A prominent cancer center based in Seattle is dealing with a cyberattack claimed by a notorious cybercrime gang that currently appears to be extorting the healthcare facility. On Friday morning, the Hunters International ransomware group listed the ...
9 months ago Therecord.media
New AI System Aids Early Detection of Deadly Pancreatic Cancer Cases - A new research has unveiled a novel AI system designed to enhance the detection of the most prevalent type of pancreatic cancer. Identifying pancreatic cancer poses challenges due to the pancreas being obscured by surrounding organs, making tumor ...
8 months ago Cysecurity.news
Master Security by Building on Compliance with A Risk-Centric Approach - In recent years, a confluence of circumstances has led to a sharp rise in IT risk for many organizations. That's why a proactive approach to seeing, understanding, and acting on risk is key to improving the effectiveness of defenses in place to meet ...
9 months ago Cyberdefensemagazine.com
ProcessUnity Introduces Industry's All-In-One Third-Party Risk Management Platform - PRESS RELEASE. BOSTON-(BUSINESS WIRE)- ProcessUnity, provider of comprehensive end-to-end third-party risk management and cybersecurity solutions to leading enterprises, today announced the completed integration of the Global Risk Exchange. The newly ...
8 months ago Darkreading.com
Key elements for a successful cyber risk management strategy - In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel ...
8 months ago Helpnetsecurity.com
Third-Party Security Assessments: Vendor Risk Management - As businesses rely more heavily on external vendors to provide critical services and support, the importance of effective vendor risk management strategies becomes paramount. This article explores the significance of third-party security assessments, ...
8 months ago Securityzap.com
A Cybersecurity Risk Assessment Guide for Leaders - Now more than ever, keeping your cyber risk in check is crucial. In the first half of 2022's Cyber Risk Index, 85% of the survey's 4,100 global respondents said it's somewhat to very likely they will experience a cyber attack in the next 12 months. ...
1 year ago Trendmicro.com
Key Takeaways from the Gartner® Market Guide for Insider Risk Management - Insider risk incidents are on the rise and becoming more costly to contain. As a result, earlier this year, Gartner predicted that 50% of all medium to large enterprises would adopt insider risk programs. The report reveals several key findings about ...
9 months ago Securityboulevard.com
Three Things to Know About the New SEC Rules on Sharing Information and Breach Disclosure Deadlines - Recently, the Securities and Exchange Commission adopted rules about the handling and reporting of cyber risks and breaches. With these new guidelines and regulations, public companies and organizations must disclose cybersecurity incidents ...
8 months ago Cyberdefensemagazine.com
How to Complete an IT Risk Assessment - An effective security strategy needs to put managing risk at the heart of its approach. An IT risk assessment process is used by organizations to identify and prioritize the most pressing risks to their IT environment. Naturally, it focuses on IT ...
9 months ago Heimdalsecurity.com
The ONE Thing All Modern SaaS Risk Management Programs Do - Reducing SaaS risk is, without a doubt, a difficult challenge. Gaining visibility into all the SaaS apps used across an enterprise is hard enough, but it becomes an even greater challenge when only a portion of the apps go through the company's ...
5 months ago Securityboulevard.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
4 months ago Cisa.gov
Critical Start Implements Cyber Risk Assessments With Peer Benchmarking and Prioritization Engine - PRESS RELEASE. PLANO, Texas, Jan. 11, 2024 /PRNewswire/ - Today, Critical Start, a leading provider of Managed Detection and Response cybersecurity solutions and pioneer of Managed Cyber Risk Reduction, announced general availability of Critical ...
8 months ago Darkreading.com
Critical Start Asset Visibility helps customers become more proactive within their security program - Critical Start launched their Asset Visibility offering. As part of an MCRR strategy, Asset Visibility helps customers become more proactive within their security program, helping them uncover assets that need protection, validate that the expected ...
8 months ago Helpnetsecurity.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
9 months ago Microsoft.com
Navigating the Security Risks of Multicloud Management - The lack of visibility and control over multiple clouds exacerbates these risks, making it imperative for organizations to adopt robust cloud security practices. These tools enhance visibility across multiple cloud environments by providing a unified ...
2 days ago Darkreading.com
4 Metrics That Help CISOs Become Strategic Partners With the Board - Many CISOs experience burnout, and most find it difficult to be recognized as strategic, growth-oriented partners to their leadership team and board of directors. Challenges CISOs Face When Reporting to the Board It can be hard for CISOs to prove ...
9 months ago Darkreading.com
Meet the Cisco Security Risk Score - In April 2023, we rebranded our risk-based vulnerability management solution, Kenna. Effective immediately, the Kenna Risk Score is renamed to the Cisco Security Risk Score. VI is renamed to Cisco Vulnerability Intelligence, and Kenna. To strengthen ...
9 months ago Feedpress.me
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
4 days ago Helpnetsecurity.com
Enhancing Organisational Security: A Comprehensive Guide to Insider Risk Management Courses - In a world increasingly aware of internal security threats, the necessity for comprehensive insider risk management courses has never been more crucial. Astonishingly, up to 90% of organisations acknowledge their vulnerability to insider attacks, ...
8 months ago Securityboulevard.com
CISOs Need to Take a Holistic Approach to Risk Management - Although the traditional approach to cybersecurity typically revolves around mitigating threats and vulnerabilities, these tactics are no longer enough to protect businesses effectively. There is now a need for a more comprehensive, holistic approach ...
9 months ago Feeds.fortinet.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
4 months ago Blog.checkpoint.com
How to Use Context-Based Authentication to Improve Security - One of the biggest security weak points for organizations involves their authentication processes. Context-based authentication offers an important tool in the battle against credential stuffing, man-in-the-middle attacks, MFA prompt bombing, and ...
8 months ago Securityboulevard.com
Living Security Unify Go improves human risk management - Living Security announced Unify Go, a free tool for Living Security training customers that surfaces security vulnerabilities across the workforce by aggregating and correlating employee behavior across security training, phishing, and email security ...
9 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)