or group must be ready to process all the new information .
If your organisation is not processing this new security data , some intrusion that could have been prevented invariably happens . Often , the IT team discovers the initial attack occurred months before , despite all the relevant devices doing their job of generating data logs .
However , with no one analysing all the information , a preventable hack can easily occur . If your organisation wants to maintain its security posture , you must be able to do the triage .
Do we have a plan ?
When the triage has pinpointed an attack , your organisation needs to have a plan in place . And that means , you have to proactively know what tools you have , who the players are , and who needs to be doing what . This is not the time to say , Let ’ s call a meeting and figure it out !
Most hackers are using tools that are automated and execute at computer speed . If your organisation tries to respond at human , Zoom-meeting speed , you are in big trouble . So , you must have your processes documented and prepared in advance .
Cybersecurity managers should frequently check the pulse of their networks .
Also , you should proactively employ some software technology , like a SIEM or SOAR solution , which enables you to respond to threats immediately .
Are we using a platform ?
Good collaboration requires moving from a best-of-class approach to a platform approach . With a platform , you can use multiple technologies that can exchange information between themselves and in an open way with other systems . The platform approach is more efficient .
It allows multiple technologies to talk to each other and extract information that can be used proactively , effectively , and automatically .
For example , when you analyse every confirmed threat and build a model for responding to it , you may end up building
INTELLIGENT TECH CHANNELS 41