Most threat actors are using tools that are automated and execute at compute speed and if enterprises respond at human , Zoom-meeting speed , they are in big trouble . Security decision makers must have their remediation processes documented and ready to apply cybersecurity tools like SIEM , SOAR solutions , explains Filippo Cassini at Fortinet .

The European Union General Data Protection Regulation , GDPR and other regulations like the NIS 2 Directive , an EU legislative act that aims to compel a higher and common level of cybersecurity across all the organisations within the union , are driving structural changes in cybersecurity .

Ultimately , it all boils down to adhering to the rules to protect organisations and , by extension , citizens from cybercriminals .

From an executive vantage point , the central questions to be addressed are : Is my company safe ? Is my IT organisation doing a good job of protecting us ? And , as a leader , am I making sure we are doing what is required by the SEC , or the EU government , or whoever else is creating the regulations ?

Filippo Cassini , Global Technical Officer , SVP of Engineering , Fortinet

Are we safe ?

Executives rely on their cybersecurity teams to give them an accurate and unvarnished view of the organisation ’ s security posture . When leadership asks , are we safe ? the team needs to respond in a way that they can be easily understood and is honest .

Cybersecurity managers should frequently check the pulse of their networks . When they come upon a concern , they need to provide executives and board members with timely reports about attacks , threats , and indicators of compromise , IOCs .

Typically , an IOC is something new or abnormal that is occurring . This is often a sign that your organisation has been compromised . An example of an IOC might be that some devices in the network are connecting to somewhere never witnessed before .

Or it might be an unusual rate of connection or an unusual amount of data being transferred to or from certain locations that are geo-based . Anytime you experience something you would not expect , proceed carefully and be suspicious .

Are we ready ?

Organisations need cybersecurity technology , but they also need to consider their readiness , which requires a strategy . Organisations can acquire pretty much any product or service that they want to protect

Organisations need cybersecurity technology , but they also need to consider their readiness , which requires a strategy .

against this or that particular threat , but the job does not stop there .

Each of these new tools will generate information logs and reports . When the tools generate data , a dedicated individual

40 www . intelligenttechchannels . com