FCW : March 30, 2014
Integrated cyber approach provides best defense

Sponsored Content

Jason Mical, Vice President of CyberSecurity, AccessData

Q: What factors contribute to slow discovery and response processes?

A: With cyber threats increasing in number and complexity, year over year, organizations have adopted several point solutions in an attempt to keep up. The result is an infrastructure comprised of disparate tools that makes it impossible to validate and prioritize what is a tremendous volume of alerts and requires manual processes throughout the incident response lifecycle. In addition, organizations still rely heavily on signature-based alerting and prevention tools, having little ability to detect unknown threats.

Q: What are the key ingredients in a rapid response strategy?

A: Integration, automation and collaboration. Organizations must consolidate their analysis capabilities to include network, endpoint and code analysis, into a single console, and it's important that their solution is able to perform comprehensive remediation, not just containment. They need to automate response processes by integrating this analysis with alerting and security incident and event management (SIEM) solutions, as well as threat intelligence. This allows them to achieve what we call Continuous Automated Incident Resolution. And finally, they must establish a virtual war room, in which all security teams can collaborate and correlate analysis in real time. Organizations that have accomplished this have seen over an 80 percent reduction in response times.

Q: How can an organization use threat intelligence to improve its overall cybersecurity posture?

A: Most organizations have no effective way to utilize threat intelligence. Even if they have a solution that will ingest and/or monitor against this information, that solution only supports one threat intel format. Furthermore, most of these solutions are not capable of providing context and comprehensive situational awareness when a threat is discovered; nor are they able to remediate. By implementing an integrated rapid detection and response platform that has source-agnostic threat intel ingestion, organizations are able to optimize their investment in these critical feeds, while dramatically increasing detection, response and remediation capabilities.

Q: To what extent can an organization leverage its existing tools to create a holistic detection and response strategy?

A: Unfortunately, most tools are not designed with holistic detection and response in mind. However, it is possible to integrate existing SIEM and alerting tools with a rapid detection and response solution that will automate threat validation, endpoint isolation, root cause analysis and remediation. That's a good first step. If this rapid detection and response platform also integrates network, endpoint and malware analysis, signature-less threat detection, remediation capabilities and source-agnostic threat intelligence ingestion, it can serve as your central conduit for alerts, threat intel monitoring and response operations. That is holistic detection and response.

Q: What is the purpose of a virtual war room and who should be included?

A: Currently, in the event of an incident, most organizations have several disparate teams, using disparate tools, each performing their own piece of analysis. In addition, most organizations also have third-party services teams, often from multiple companies, all doing their own analysis. Collaboration and correlation of this analysis is often almost nonexistent, and when they do have a process in place to correlate analysis, it is one of in-person meetings or conference calls. A virtual war room would bring all these groups and their analysis into a single platform, saving time and speeding the response process.

Learn how you can achieve Continuous Automated Incident Resolution.
email@example.com 800.574.5199 • International +44(0)20 7010 7800