Security Operations teams are being put through their paces. With an acute shortage of cybersecurity skills, and an increasingly complex threat landscape, the challenges faced cannot be addressed solely by increasing the size of SOC teams.
The use of new tools, designed to address the four key strategic areas below, is essential in enabling Security Operations to stay ahead.
Extending the scope of detection to new perimeters
Protection, visibility and control of new areas of the information system (IS), such as the cloud, and of endpoint resources that are increasingly being chosen as targets.
Standardizing and automating the response process
With SOC teams struggling to process the events generated by existing tools, it's essential to standardize and automate interactions between teams and systems, and the sequence of analysis and response.
Enhancing detection through new approaches
New deceptive security and machine learning detection techniques are required to filter out zero-day, low-signal and file-less attacks whose increasing sophistication is undermining existing security measures.
Improving knowledge of threats and attackers
Intelligence platforms provide advanced knowledge of threats and attackers, which can improve existing detection capabilities, help prioritize incidents to be dealt with, and increase the effectiveness of the response.
CPE ISC2 credits will be available for the workshops.