Top 3 Outcomes Organizations Try to Achieve in Their Incident Detection and Response Programs

Recently, Rapid7 completed a UX exercise with security professionals from 18 different companies. Based on that work, we derived 97 outcomes (aka “things to do”) that these organizations were trying to achieve within their Detection and Response programs and for their businesses.


Today, I wanted to provide some commentary on the top three. As a career responder, I’ve helped build several Managed Detection and Response offerings, consulted in developing Detection and Response programs for large enterprises, and focused much of my current research on security programs: I have opinions!


First, you might be asking what we mean by outcome. In short, it’s something that someone is trying to achieve in a certain period of time as measured by some value. More specifically, each outcome is structured like this:


Without further delay, here are the top three outcomes from the exercise:


1. Minimize the likelihood that there are threats your security tools can’t detect.
2. Maximize your ability to know which vulnerabilities are on your network.
3. Increase employee awareness of security best practices to prevent issues from happening in the first place.

I am not at all surprised to see this as No. 1. This is the thing that keeps responders and business leaders awake at night. But it doesn’t have to be that way. Sure, you will always have that nag in the back of your head, but you’ll be more confident when your security program and its associated goals are aligned to protect what your business cares about the most. Remember, it’s not about preventing a breach; it’s about stopping a breach before it can cause material damage to your organization. ..