BSI annual report diagnoses further increase in threat situation

Last year, the Federal Office for Information Security identified 114 million new variants of malware. This is the conclusion of the now published annual report. BSI boss Arne Schönbohm states: "The digitized world has become more dangerous". The attacks once again focused not only on companies but also on critical infrastructures such as hospitals and public authorities. In addition to organized criminal cyber gangs, the BSI also suspects foreign secret services behind the attacks. ...more on tagesschau.de

"Employees need seamless and secure access to corporate resources wherever they work."

At it-sa 2019, BusinessIQ's editorial team spoke with UEM expert Brian Foster, Senior Vice President of Product Management at MobileIron, about Zero Trust based Unified Endpoint Management. The company specializes in security frameworks for mobile devices. ...more

AUTOMATE DEVOPS/SECOPS DEPLOYMENT WITH CI/CD PIPELINE INTEGRATIONS

By focusing on frequent code integration, automated testing, and keeping the mainline code version in a state that is deployable to production at any time, CI/CD aims to eliminate the risks and friction of traditional waterfall software development. Add to that the practice of continuous deployment and you can move to a situation where the latest and greatest software version is not just always ready to be deployed—it’s deployed on a frequent basis. ...more

Using MITRE ATT&CK™ in Threat Hunting and Detection

MITRE ATT&CK is an open framework and knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK provides a common taxonomy of the tactical objectives of adversaries and their methods. Having a taxonomy by itself has many valuable uses, such as providing a common vocabulary for exchanging information with others in the security community. But it also serves as a real technical framework for classifying your current detection efforts and identifying gaps where you are blind to certain types of attack beh ...more

The Security Operations Maturity Model Quick Reference Guide

Organisations should think of security operations as a critical business process. Effective security operations are the first line of defence when it comes to preventing cyberattacks. To accomplish this, organisations need mature programs that leverage people, process and technology to rapidly detect and respond to sophisticated attacks. Yet some organisations struggle with the overall effectiveness of their security operations. They also lack the basis for measuring the effectiveness and maturing capabilities. A mature security operation e ...more

LogRhythm for SWIFT Customer Security Controls Framework

Society for Worldwide Interbank Financial Telecommunication (SWIFT) facilitates a huge number of financial transactions every day via the secure messaging system it provides to its members. In addition to banks, the system is also used by other major financial players. SWIFT does not maintain accounts or handle funds, but its network moves huge sums every day. Member institutions, if compromised, can be used to send fake messages that other members act upon in good faith. Such activity has resulted in both attempted and successful transfers of ...more

Security Operations Maturity Model

This white paper explores how to assess and evolve the principal programmes of the security operations centre (SOC): threat monitoring, threat hunting, threat investigation and incident response. LogRhythm developed the Threat Lifecycle Management (TLM) framework to help organisations ideally align technology, people and process in support of these programmes. The TLM framework defines the critical security operations technological capabilities and workflow processes that are vital to achieve an efficient and effective SOC. LogRhythm’s Security ...more

Defeating threats through user data: Applying UEBA to protect your environment

You’re facing a constant barrage of threats, some of which you don’t even know exist. The reality is that your users are behind many threats and breaches — whether maliciously or accidentally. Case in point: 69 per cent of organisations reported a recent insider data exfiltration attempt, and 28 per cent of breaches involved internal actors. As the typical point of entry for an attack, users are a difficult vector to monitor and secure. To confront the tidal wave of attacks, you need to hone your attention on users by harnessing the power of us ...more

Budgeting for a modern SIEM

For CEOs, growth is a welcome challenge — it’s an indicator that business is healthy. But growth also poses a real challenge for CISOs for two reasons: First, when budgeting for a security information and event management (SIEM) system, CISOs are often faced with a tradeoff between limiting security threats and the cost of security operations. Second, larger businesses are a more attractive target for cyber adversaries. ...more

Definitive guide to SOAR

Cybersecurity organizations have their work cut out for them. As the last line of defense in the fight against cyberthreats, they stand between their corporations’ valuable IT assets and cyberattackers. But these attackers aren’t social outcasts emailing viruses from their parents’ basement. Today’s cyberattackers are more formidable and more sophisticated than ever before. Attackers are resourceful and ruthless in their efforts to steal data, commit fraud, abuse resources, and disrupt services. They’re also patient and have the power of nu ...more