In security, what we don't look at, don't listen to, don't evaluate, and don't act upon may actually be more important than what we do. This may sound counterintuitive at first, but I assure you that it is not. The truth is that too often the cybersecurity noise level — all the data points constantly bombarding us — creates a sensory overload that impedes our ability to think clearly and act. Here are 10 places where you can start to filter out the noise.
1. Risk: Risk is everywhere you look in life, and security is no different. When looking to assess, prioritize, and mitigate risk, security leaders are bombarded by one potential risk after another. No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in focusing on the risks you don't consider, rather than the ones you do. Think about which risks will cause the greatest impact and damage to the business. Those are the ones you need to prioritize. The rest will have to wait for another time.
2. Threat landscape: Security vendors love to talk about the threat landscape. Scare tactics around the capabilities of nation-state and criminal attackers abound. Unfortunately, this chatter seldom comes with a mapping to what's relevant to the organization hearing it. Are there real threats to information security out there? Absolutely. Are they all relevant to your business? No. Understanding which threats are the most pertinent to you is the first step toward filtering out all that noise.
3. Intelligence: Every security organization wants to stay on top of what's coming next. In theory, tailored intelligence is a grea ..
Support the originator by clicking the read the rest link below.
