Continuous response needed to combat cyber attacks
As the threat landscape continues to rapidly evolve, businesses need to be able to react quickly and have an effective strategy to deal with attacks.
Security specialist F-Secure is calling for greater emphasis on both preparing for a breach as well as fast and effective containment that has the correct balance of people, process and technology.
"Cyber breaches are now a fact of life for many companies. It's no longer a matter of 'if' a company will be breached, the question is 'when'. And that calls for a shift in how organizations handle many aspects of security," says F-Secure Countercept managing director Tim Orchard.
The idea of continuous response is to combine elements of collaboration, context, and control into a fluid process. In practice, this could mean a single team of threat hunters, first responders, administrators and other personnel working together to actively identify and address potential threats before they escalate.
An area of weakness is the lack of investment in effective incident response strategies. 44 percent of respondents to a recent survey by F-Secure company MWR Infosecurity say they invested less in their response capabilities than in threat prediction, prevention, or detection.
Managed detection and response (MDR) solutions can help achieve this with a blend of 24/7 threat monitoring, detection, and response services that make use of advanced analytics and threat intelligence to help protect organizations.
"A lot of incident response traditionally has been post breach," adds Orchard. "Finding a balanced MDR solution, regardless of whether it's an in-house solution or outsourced, is key. I think our approach to preparing our clients to assume the breaches have already happened, and then help them hunt down those threats, is the essence of continuous response."
You can find out more about the benefits of continuous response on the F-Secure blog.