Implementing an Intelligence-Driven Security Strategy: 10 Data Points

1 - Implementing an Intelligence-Driven Security Strategy: 10 Data Points
2 - Understand Your Current Risk
3 - Visibility Into the Network Is a Must
4 - Control and Manage All Digital Identities
5 - Visibility Into All Transactions Necessary
6 - Analyze Normal Behavior, Seek the Exceptions
7 - Rapid Response a Must
8 - Emphasis on Detection a Key Part of the Strategy
9 - Centralized Control a Key Operational Benefit
10 - Timeliness Increases Risk Avoidance
11 - Staffing Benefits Also Can Result
1 of 11

Implementing an Intelligence-Driven Security Strategy: 10 Data Points

by Chris Preimesberger

2 of 11

Understand Your Current Risk

There are a lot of questions to ask before embarking on a new strategy. What are the risks to the organization? What are its vulnerabilities? How well is it defending against those at any given point in time? Without visibility into risk, organizations can't design optimal defense strategies or appropriately prioritize activities.

3 of 11

Visibility Into the Network Is a Must

Network visibility needs to go to beyond what we have today, from logs and events, down to the packet and session level to spot faint signals that indicate advanced threats.

4 of 11

Control and Manage All Digital Identities

Organizations need to understand who (or what) is on their networks, what they are doing and whether that behavior is appropriate.

5 of 11

Visibility Into All Transactions Necessary

Organizations need to know what's happening inside key applications that drive the business. Good monitoring and controls can handle this.

6 of 11

Analyze Normal Behavior, Seek the Exceptions

Analysis involves understanding normal state behavior and then looking for anomalies. By knowing what is "normal," an organization can then spot, investigate and root out anomalies that result from malicious activity.

7 of 11

Rapid Response a Must

Consistent and rapid response to confirmed anomalies allows organizations to mitigate potential threats by enforcing controls such as access restrictions or additional authentication. Action also results in remediation processes and activity.

8 of 11

Emphasis on Detection a Key Part of the Strategy

An intelligence-driven security strategy emphasizes detection, analysis and action, while de-emphasizing static, signature-based perimeter detection. This "even-split" approach understands the modern threat landscape and allocates resources accordingly. This includes creating a better balance between monitoring, response and prevention.

9 of 11

Centralized Control a Key Operational Benefit

Intelligence-driven security reduces the number of point products and fuses together otherwise disjointed data sets and tools, increasing both security and operational efficiency.

10 of 11

Timeliness Increases Risk Avoidance

With the ability to identify attacks in a more timely fashion, intelligence-driven security reduces bottom-line loss that often results from an undetected breach.

11 of 11

Staffing Benefits Also Can Result

Automation and sophistication aids in freeing already overburdened employees, focusing them on what matters to defend the organization, and can elevate average performers into vital components of a winning IT security staff.

Top White Papers and Webcasts