Comparing legislative and compliance security frameworks, you will see a definite synergy in what they suggest is important to security monitoring. Interestingly, their focus isn’t on collecting every piece of information and security-related event, then trying to figure out what to do with it. What you need to do is understand the value of specific log sources in your ability to detect threats, then tune them to make sure you get the optimum flow of information from them.
Read More
A contemporary defensive cyber security model, known as zero trust, requires organisations to fully develop and integrate the means to detect unwanted or suspicious behaviour throughout their business architecture. The legacy view that cyber security is fought on the perimeter battlefront doesn’t respect that most attacks originate from internal systems and applications already compromised. So, what does a pivot to zero trust mean for organisations who are keen to adopt this comprehensive approach to cyber security?
Read More
In an earlier blog post we looked at how security operations centre (SOC) teams can shift their services up a gear, through better automation, behavioural analysis and threat hunting. The concept of threat hunting isn’t new to security operations; yet, it’s one of the most misunderstood functions a SOC team performs.
Read More
This blog looks at how cyber drills using your SIEM deliver enhanced learning outcomes for your SOC team.
Read More
This blog looks at the increasing volume and frequency of software upgrades and explores how your information security team can take control of the change process and improve situational awareness.
Read More
This blog post looks at the Hybrid SOC model, what it is and why it is worth considering for your operation.
Read More
Monitoring privileged access from your SOC is the best way to detect potential insider threats. Recently, several news stories have shown how important it is to have the tools in place to manage the threat of rogue employees with too many privileges. Facebook, for example, had to fire multiple employees for, “snooping on users,” according to one story reported on Motherboard[1].
Read More
What factors do CISOs take into account when choosing a SOC service model? Information security is high on the agenda of every UK and Australian board these days, especially given the changes in privacy legislation and mandatory data breach notification. However, security is a highly complex issue and requires a deep conviction throughout the business to be successful.
Read More
Should you implement ISO 27001 or align with security controls such as ASD’s Essential Eight or NCSC’s Top 10? Often businesses struggle when deciding which security standards or compliance requirements should be adopted.
Read More
Those who run security operations centres (SOC) acknowledge that the more automation built into the service, the more likely analysts will have the time to hunt for threats. Yet, the path to SOC maturity isn’t one that most SOCs follow. This blog looks at three levels of maturity that SOCs can pass through before being properly integrated with the rest of the business’s service management processes.
Read More