High-Impact Strategies to Automating SecOps

Cyber Security Automation: Where to Start

The short and quick answer is: you start with the most impactful tasks. These are the tasks that will bring the highest value and return on your investment in the shortest period of time.

When automating your Security Operations Center (SOC) tasks in an effort to deal with high volumes of appliance events and alerts, you'll likely find that analysts have tightened the criteria for what triggers an alert to be sent to them. This action provides the analyst with the highest-priority alerts.

Representing and Applying the Wisdom of Cyber Analysts

In the previous blog post I let it be known that the cybersecurity analyst is the fundamental answer to many of today's problems. These analysts have been fighting the good fight. They've won some battles and lost some battles. They carry their experiences forward to apply to the next round. My point is that their experience and knowledge are incredibly valuable.

Here is a problem for us to consider: the number of cyber-criminals is increasing, and the number of cyber analysts isn't keeping up; there is a huge shortfall in our protection from criminals and terrorists. How are we to balance this equation? Educational institutions are scrambling to meet the challenge. Government is sponsoring programs such as CyberCorps to help by providing stipends and tuition to potential cybersecurity analysts. But it is a technical and challenging subject matter; it takes time to learn.

The answer is that we have to apply more cybersecurity wisdom than the bad guys can apply cyber-malice. Given that the growth in the number of security good guys is outpaced by the number of bad guys, we have to automate the actions of the good guys. How do you automate wisdom?
