Abstract:
The article stresses that a company’s cybersecurity posture is strongest when a combination of people, processes, and technology is utilized. The author suggests that in an evolving cyber domain where creative cybercriminals are constantly expanding attack vectors, merely relying on preventative measures is an inadequate cybersecurity strategy. He argues that “threat detection and response is the future”. He states that relying solely on security products to protect a company against attack creates a false sense of security among companies, most of which have already been attacked! Therefore, he continues, companies ought to develop detection and response capabilities that combine an action plan (that utilizes technology and processes) with an expert IT team that “successfully remediate(s) the inevitable attacks yet to come.” The author insists that strengthening the Incident Response capacity of a company is also a matter of economic/financial prudence and a more realistic approach to cybersecurity for companies.
Key Words:
Attack Vector, Security products, Cybersecurity posture, Incident Response (IR), Security Information and Event Management (SIEM) technology, Security Operations Center (SOC), Managed Security Service Provider (MSSP).