The Secureworks® Incident Response proactive consulting practice develops incident response (IR) plans, performs IR plan gap analyses, and facilitates tabletop exercises featuring various security risks to the more than 4000 customers in our base. Over time we have analyzed findings from each engagement. And it is from those findings that multiple patterns emerged showing consistent challenges to our customers’ security posture and response capabilities.
These patterns showed differences between the top performers versus those who have gaps that need to be closed. Patterns were reviewed across business type, size, geographic distribution, as well as compliance and regulatory requirements to determine the top five challenges faced. This effort is part of Secureworks’ initiative to define what is “normal” for security in an industry.
It is worth noting that the organizations reviewed in the data had at least one of the top 5 challenges, including the highest performers. The top 5 were selected for their potential impact to the security and IR posture. Impact was determined from business, legal, and security factors associated with each customer in the dataset. Where appropriate, comparison with industry accepted standards such as NIST, ISO, and others were included in the impact determination.
The top 5 are not presented in any particular order. To varying degrees, they all have a potential impact on an organization. All five of the challenges must be addressed to assure a more complete, robust security environment which supports the business needs of an organization.
This first of a series of 5 blogs will look at what should be considered the basic foundation of any security practice: the definition of “incident.”
Words have meaning. The use of a word in a particular circumstance may have an oversized impact on an ..
Support the originator by clicking the read the rest link below.
