A Cyber Defense program is paramount to an organization’s healthy security posture: it enables timely detection of security events and an appropriate, swift response to them. For it to succeed, the program requires adequate support from top management, from each and every employee of the organization, and from other cyber security functions. The program will also succeed when the three pillars of Cyber Security, i.e., People, Process and Technology, collaborate well and deliver on their cybersecurity responsibilities to their fullest potential.
We shall do a deep-dive analysis of each of these pillars: their Strengths, Weaknesses, and Opportunities for Improvement with respect to Cyber Defense.
The technology pillar is mostly understood in terms of the Defense in Depth strategy, which is widely adopted by many organizations. When a wide array of security technology controls is deployed into the environment, the controls come with their own set of challenges. One such challenge is alert fatigue and false positives. Fine-tuning the technology platform to filter out noise and unwanted alerts, and to generate only high-fidelity alerts, is a daunting task for the organization and its Cyber Defense team. Which tools can help here, and what best practices should organizations employ?
Cyber Crisis Management Process: Another example, this one combining people and processes, where many organizations lack coordination.
Threat modelling and Threat profiling: Another good example, which combines technology and process. Organizations must identify what their priorities are and how they can protect their crown jewel resources from cyber threats.
Tools to Highlight: DNS Security, EDR, NDR, Proxy and Web Filtering, Threat Intelligence, Threat Hunting tools, Incident Response and Forensic Tools, and SIEM.