Webinar: Best Practices for Scoping Infections and Disrupting Breaches
The following is a guest blog post from Chuck McGann, Chief Cyber Strategist for Salient CRGT’s Cyber Security Innovation Center and former CISO of the United States Postal Service.
There is no question that both public and private organizations are facing more cybersecurity challenges than ever before. Targeted security attacks are growing at a rapid speed and our adversaries are becoming increasingly advanced. In order to effectively counter these attacks and protect our networks, we first need to change the security paradigm.
I recently teamed up with David Page, Sales Engineer for Splunk, to discuss best practices for scoping cyber infections and disrupting data breaches. In our webinar, we outlined the various benefits of adopting a continuous breach response posture that can help organizations fully understand the scope of cyber vulnerabilities. David and I both stressed how important it is for federal agencies to have single pane of glass network visibility and get out in front of potential breaches.
We also agreed that all data is security relevant. As a result, it is crucial for organizations to follow up on any communication they receive and really run it to the ground. By documenting everything with consistent terminology and sharing it with the right teams, organizations can take a more informed and proactive security stance. Additionally, our security analysts need to start building business understanding and relationships. By gaining a deeper understanding of their organization’s business environment, analysts will be better prepared to identify and thwart future attacks on their networks.
The ability to see what’s happening in your environment is paramount to building a strong security posture. We’ve seen many cases over the past few years across public and private sector of malicious actors breaching networks and going unnoticed for months. That’s why, as I noted in our webinar discussion, the key to truly disrupting a cyber breach is identifying that you have one.
To learn more about continuous breach response postures and how Splunk solutions can turn machine data into valuable insights, watch our full webinar here: