Threat Landscape

Most organizations, even those with existing security operations centers (SOCs), are poorly prepared to detect, investigate, and respond to attacks – especially the most advanced and targeted ones. Breaches are often discovered long after the initial compromise, resulting in a lengthy breach window, also known as breach exposure time, dwell time, or attacker free time.

Key elements that make it difficult to navigate the threat landscape include:

  • Low C-level awareness of and appreciation for today’s threat landscape, leading to an underfunded security operations program and increased risk exposure
  • Defending against advanced threats requires a substantial shift in resources from prevention to detection and response, but organizations that make this shift often discover they don’t have the necessary expertise to create and execute the transition
  • Point security products that are poorly integrated and are deployed without first differentiating high-value from low-value assets, resulting in misallocation of scarce security resources
  • Inability to discover sophisticated attack techniques, resulting in exposure to targeted attacks
  • Lack of centralized security monitoring and alerting, resulting in difficulty in detecting and investigating attacks and in scoping the nature and extent of an initial breach
  • Lack of automation for incident-response workflows, resulting in extended breach exposure time
  • Lack of threat-intelligence capabilities, resulting in less effective defense countermeasures
  • Poor patch-management processes, resulting in extended exposure to known vulnerabilities
  • Poorly defined security roles and responsibilities, resulting in less effective security defenses
  • Ad hoc processes and procedures, resulting in operational inefficiency and extended breach exposure time
  • Lack of post-incident “lessons learned” discipline, resulting in forgone opportunities to enhance security operations
  • Huge operational impact when a potential breach occurs, resulting in increased costs and reduced focus on the core business