SIEM and SOAR in 2023: Key trends and new changes

Security information and event management (SIEM) systems remain a key component of security operations centers (SOCs). Security orchestration, automation, and response (SOAR) frameworks, meanwhile, have emerged to fill the gap in these capabilities left by many SIEM systems. But as many companies have begun reaching the limits of SIEM and SOAR systems over the last […]

The post SIEM and SOAR in 2023: Key trends and new changes appeared first on Security Intelligence.

Cyberattackers Target the Latin American Health Care Sector

Cyberattacks on the healthcare sector are a growing threat in Latin America, and the large amount of confidential data these organizations handle makes these attacks a top concern. The value of healthcare data in the illegal market, such as the personal, medical and financial information of patients and healthcare companies, creates an appealing target for […]

The post Cyberattackers Target the Latin American Health Care Sector appeared first on Security Intelligence.

SOCs Spend 32% of the Day On Incidents That Pose No Threat

When it comes to the first line of defense for any company, its Security Operations Center (SOC) is an essential component. A SOC is a dedicated team of professionals who monitor networks and systems for potential threats, provide analysis of detected issues and take the necessary actions to remediate any risks they uncover. Unfortunately, SOC […]

The post SOCs Spend 32% of the Day On Incidents That Pose No Threat appeared first on Security Intelligence.

How Morris Worm Command and Control Changed Cybersecurity

A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable data. The key to all this is a well-developed Command and Control (C2 or C&C) […]

The post How Morris Worm Command and Control Changed Cybersecurity appeared first on Security Intelligence.

The Important Role of SOAR in Cybersecurity

Understaffed security teams need all the help they can get, and they are finding that help through SOAR. SOAR — security orchestration, automation and response — is defined by Gartner as the “technologies that enable organizations to collect inputs monitored by the security operations team.” Gartner identifies a SOAR platform’s three prime functionalities: Threat and […]

The post The Important Role of SOAR in Cybersecurity appeared first on Security Intelligence.

The Role of Marketing and PR in Incident Response

Responding to a cyber incident requires teamwork across departments and disciplines. Technical incident responders must work to halt incoming attacks while the communications teams develop a public response. Clear communication is essential. Communication strategies differ before and after a cyber incident. The way a company approaches both is as important as incident mitigation itself. How […]

The post The Role of Marketing and PR in Incident Response appeared first on Security Intelligence.

What is an Incident Response Professional?

As part of our ongoing series highlighting various roles in the cybersecurity industry, this article shines the light on the incident response professional. While there are many misconceptions surrounding the role, let’s examine a few frequently asked questions. How In-Demand is this Particular Role? Why? Year after year, the story is the same: Cybersecurity jobs […]

The post What is an Incident Response Professional? appeared first on Security Intelligence.

Contain Breaches and Gain Visibility With Microsegmentation

Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to […]

The post Contain Breaches and Gain Visibility With Microsegmentation appeared first on Security Intelligence.

People, Process and Technology: The Incident Response Trifecta

Let’s say you are the CISO or IT security lead of your organization, and your incident response program needs an uplift. After making a compelling business case to management for investment, your budget has been approved and expanded. With your newfound wealth, you focus on acquiring technology that will improve your monitoring, detection and analysis […]

The post People, Process and Technology: The Incident Response Trifecta appeared first on Security Intelligence.
