Cybersecurity Analytics and Operations · The Changing Landscape of Cybersecurity Analytics and...

Subject: Integration and automation are the answer to fragmented security

The Changing Landscape of Cybersecurity Analytics and Operations

Not Enough Time

Organizations continue to struggle with security analytics and operations despite years of cybersecurity experience and increasing investment.

Too Many Tools & Processes

Tools that are not integrated are adding to the reactive problem:

On average, organizations are using between 25 and 30 different security technologies and services.

What is making it more difficult?

Cyber-adversaries often employ sophisticated attack tactics, techniques, and procedures (TTPs) in order to avoid detection. In many cases, multi-stage attacks simply blend into benign IT activities. This forces organizations to constantly upgrade security analytics and operations tools, skills, and processes to stay a few steps ahead of the hackers. Unfortunately, this can be extremely difficult as security analytics and operations are often limited by:

find cybersecurity analytics and operations MORE DIFFICULT than it was 2 years ago.

72%

say that security analytics is mostly done in a siloed way by different individuals using different tools

99%

The threat landscape is rapidly evolving

26%

Better identify and communicate risks to the business

31% Integrate threat intelligence with internal data collection and analysis

35% Accelerate incident detection

30%

Add custom functionality above tools

30% Automate basic remediation tasks

29%

We don’t always have the right skills

18% We don’t always have the right staff

16%

Manual Tasks

Lack of automation also exacerbates the problem. Which tasks take the most time?

Integration & Automation Is the Answer

Integration and automation support visibility of the total threat landscape, and analytics enables precision of insight.

Objectives behind integration include:

Investigating suspicious activities on a PC with network access

Comparing suspicious behavior detected on the network to threat intelligence data

20%

19%

Investigation of an endpoint device on the network

18%

Investigating phishing e-mail alerts

18%

The Solution

McAfee Intelligent Security Operations

Threats are changing. Your SOC should too.

McAfee’s threat defense lifecycle framework makes it easier to adapt quickly to a rapidly changing threat landscape by unifying visibility, investigation workflows, and orchestrating prescriptive threat defense actions.

Learn more: http://www.mcafee.com/secops