Bimodality and Digitization Can Help You Detect the Unknown Threat
- In addition to having the right tools, organizations need to build threat-hunting teams. Threat hunting is a different skill set than that of a traditional analyst.
- When working with an MDR vendor, spend time teaching them your environment, your policies and process, your handoff points, and what you expect to see from them.
“What we are talking about is the digitization of security.”
Kevin McLaughlin, cybersecurity expert and associate professor at American Public University, is a strong believer in defense in depth, but he also recognizes that in today’s threat environment, traditional defenses are not enough. “You still need to have your core components on the endpoint,” he says. “But the bad guys are so good, you really have to start looking at your next steps.”