The book includes insights from the following experts:
- Rebecca Wynn, Head of Information Security & Data Protection Officer, Senior Director, Matrix Medical Network: ‘Set and Forget’ Is Lazy Security
- Joseph Smith, Interim Director of Information Technology, University of Maryland Eastern Shore: A Security Practice Needs to Demonstrate Continuous Improvement
- Todd Spight, Chief Information Officer, Columbia College Chicago: A Security Practice Needs to Demonstrate Continuous Improvement
- Katrina Biscay, Director of Information Security, University of Cincinnati: Broaden the Analytical Skills within Your SOC
- Hemanta Swain, Sr. Director & Information Security Officer, TiVo: Quick Response Is the Key
- Paul Heffernan, Group Chief Information Security Officer, Unipart Group: Moving from File Locking to Behavior Locking
- Kevin McLaughlin, Director – Deputy CISO and a Professor, Stryker: Bimodality and Digitization Can Help You Detect the Unknown Threat
- Steve Stonebraker, Principal Security Architect, Guaranteed Rate: To Secure Endpoints, You Need a Complete View of Threats
- Lester Godsey, Chief Information Security Officer, City of Mesa: More Data Makes the Behavioral Analysis More Accurate
- Jason Kinder, Director, Corporate Security – Cyber Security & SOC Operations, DRS Technologies, Inc.: Active Threat Management Requires New Tools and Skills
10 Experts on Active Threat Management was generously sponsored by CounterTack.
In today’s world of cybersecurity, it often feels like the good guys are losing. New research by the Ponemon Institute shows that the average enterprise only has resources to investigate 4% of the security alerts it receives every week. The same research finds that more than one third of cyber exploits go undetected, successfully evading antivirus and intrusion-prevention systems.
The reality is that security practices can no longer wait for their endpoint-security tools to tell them something is wrong. Many are adopting a more aggressive approach to threat management, but this requires new tools and skills that challenge security teams already stretched thin. How are they doing? With the generous support of CounterTack, we asked 10 security experts the following question:
What advice, best practices, and cautions can you offer SOC leaders who want to upgrade their security capabilities to become more proactive?
We spoke to security experts in different cyber environments and at different stages in their use of active endpoint-security techniques. They talked about the inadequacy of traditional defenses and their experiences with new approaches—including predictive analytics and machine learning—and they discussed skills needed to apply these new technologies successfully.
What I see in these essays, in addition to a lot of practical advice, is the emergence of a rich new generation of security tools and practices that may give security practitioners an upper hand.