From Cyber-Siloes to Cyber-Symbiosis: A Next Generation Platform Approach To Managing Risk
James Madden
Account Manager @ Trend Micro | Certified in Cybersecurity & AWS Cloud Practitioner
Cybersecurity leaders and their teams face a recurring dilemma: addressing cyber risk in the most cost-effective and business-enabling manner while making, at times, difficult decisions to accept elements of risk to the organization's security posture. The defense-in-depth approach to protecting organizational intellectual property and profit-generating operations is a layered patchwork of security controls and consoles (45 on average within most organizations today), along with their output of alerts (51% of organizations are drowning in alert fatigue). Meanwhile, cybersecurity leaders are confronted by a constantly changing and challenging threat landscape where threat actors are empowered by Artificial Intelligence (AI), Machine Learning (ML), immense financial resources, an army of hackers, and the endless capacity of the human mind to create workarounds.
Some questions that come to mind for cybersecurity leadership and their teams include:
These daunting questions and many more must be answered and properly addressed to ensure organizations avoid costly breaches and cybersecurity leaders can experience some peace of mind while not slowing down or inhibiting business, service delivery, and ongoing innovation and enhancements.
While there are many excellent and effective best-of-breed security controls in the market, they cannot detect and protect against threats outside of their purview - and they are only as good as the threat intelligence feeding them. Consider the reality of the dynamic threat landscape, with the increasing complexities foisted upon cybersecurity leadership and their teams in combatting Artificial Intelligence (AI) and Machine Learning (ML) powered threats backed by a one trillion dollar cybercrime industry staffed by millions of hackers. Security controls operating in silos, rather than in a common, centralized, symbiotic nexus, are not able to detect and protect as effectively as if they were linked together within a platform framework.
To exacerbate the situation further, resource and personnel constraints, due to a broad gap in up-and-coming cybersecurity talent (estimated to be 3.4 million), create challenges in properly staffing a team to manage the technologies and operations meant to protect the interests of the organization.
As we ponder these dynamics, the realization sets in that we must rethink how we approach the conundrum of managing risk without impeding business, profitability, and service delivery. We must undergo a paradigmatic shift from the cyber-silos of consoles, dashboards, reports, insufficiently staffed and, at times, territorial teams protecting their turf to a cost effective, centralized real-time view of the entirety of the attack surface with a responsive repository of insightful, real-time recommendations, complemented by rapid detection and remediation with virtual patching, and prioritization scoring to aid in determining where, what, and when to apply which level of risk mitigation.
We need a platform that provides centralized visibility, detection, and remediation, powered by intelligent, accessible, and relevant software, APIs, and Artificial Intelligence (AI) and Machine Learning (ML) to automate, consolidate, and correlate threat vector data. Such a platform serves as a complementary tool to support in-house cybersecurity experts so we can reduce MTTD (Mean Time To Detection), MTTR (Mean Time To Remediation), alert fatigue, and attacker dwell time, and control access, all at the speed of business while upholding regulatory compliance and not being viewed as an impediment or inhibitor to the flow of revenue and service delivery.
Many will respond with "that's already being done with SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and/or XDR (Extended Detection and Response)" or "there are platform options in the market that offer those capabilities." In some ways that is correct - organizations should use a SIEM (log management as well as collecting and sending security alerts), a SOAR (orchestration, automation, and response of alerts with some AI powered predictive capabilities for known threats), and XDR (endpoint detection and analysis) as they provide unique value to the organization.
While each of these technologies and methodologies has its place and delivers some value, they have their limitations - primarily in the lack of comprehensive, holistic, and symbiotic sharing of telemetry with best-in-industry threat intelligence, real-time attack surface risk management and zero trust scanning, MITRE ATT&CK tactic and technique data, and generative AI recommendations which can represent the efforts of an army of SOC analysts providing split second insights. A handful of vendors are touting their "platform" capabilities, but are they really offering a true symbiotic nexus that enables organizations to meet the AI and ML-powered attacks on threat vectors of today's attack surface as well as threat trends on the horizon?
The reality is we've reached a point where we need to transcend reliance on SIEM, SOAR, XDR, and current "platforms"; we need to go beyond with an approach that brings the entirety of the attack surface into symbiotic focus with proactive and responsive features and capabilities. What is needed is a next generation cybersecurity platform in order to stay ahead of the constantly shifting polymorphic threat landscape that is powered more than ever by automation, AI and ML, and the seemingly endless capacity for the human mind to cleverly create workarounds to barriers put before it. After all, at the core of modern cyber warfare is the capacity of the human mind and heart to conceive plans and execute them to get what it wants - good and bad. Consequently, we need something that can combat this formidable foe and force with expediency, efficacy, and cost effectiveness.
What, then, would a next generation cybersecurity platform look like? What would be the core tenets, features, and attributes?
The next generation cybersecurity platform would offer comprehensive, holistic, and centralized visibility. It would utilize telemetry data from a variety of sensor form factors, enriching the data provided from 3rd party tools and integrating via API or native connectors across the attack surface: on-prem, in the cloud, and all gateways and data paths in between. It would then rationalize that data against the latest threat intelligence and MITRE ATT&CK framework tactics and techniques, with diagnostic workbench and reporting capabilities. All of this would sit within a single console that can provide risk insights from across the attack surface, with executive dashboard reporting powered by generative AI-driven recommendations and accelerated remediation of threats with vulnerability patching, buttressed by trusted and established cybersecurity industry frameworks and guidelines.
Sounds like a lot, and it is, unless you have a tremendous amount of knowledge, experience, access to real-time data feeds from threat researchers, government agencies, and law enforcement, and a dedicated team of thousands of researchers, developers, security experts, and thought leaders who are able to bring it all together with efficacy, harmony, and symbiosis.
Furthermore, that team would have to work collaboratively over years, perhaps decades, within a cohesive, federated structure and diverse global culture of a passionate, resilient, innovative, and thriving perennial cybersecurity leader recognized by 3rd party industry analysts year after year over three decades, with 100 consecutive profitable quarters (25 years and counting). The organization would need to be stable with cash reserves and no debt - capable of flourishing even within unpredictable market conditions, committed to continuous solution enhancement and product innovation resulting in peace of mind to a global customer base.
There would need to be industry leadership in threat intelligence backed by the Zero Day Initiative, comprised of 3,000 global bug bounty hunters discovering 60% of all zero day vulnerabilities disclosed year over year, providing up to 72 days of exploit and vulnerability protection with virtual patching ahead of formal vendor patch release. There would be many notable "first to market" releases (most recently cloud risk management and XDR) and the clear application of thought leadership looking into the future to determine protective and detective measures not only now but for years ahead.
While that may sound like an impossibly ideal mix of attributes from a single cybersecurity solution provider, there is one company that meets all of those criteria and more: Trend Micro. Trend Micro, with its release of the Vision One Cybersecurity Platform, offers the culmination of 35 years of expertise and market-leading innovation in a comprehensive symbiotic platform of holistic cyber risk visibility, detection, and remediation tools to enable informed risk acceptance and avoidance decision-making - all within a single console. With the Trend Micro Vision One Cybersecurity Platform you can:
At Trend Micro we're not asking you to rip and replace your panoply of siloed cybersecurity solutions (although we have industry leading solutions for every aspect of the attack surface worth considering); we want to assist you and your team in weaving your cyber tools into an actionable, centrally accessible symbiotic framework with meaningful insights and risk management controls so you are empowered and equipped to use your cybersecurity strategy as a business enabler and competitive differentiator.
Even if you are convinced your cybersecurity risk posture is currently in a good place, why not take advantage of several free Cyber Risk Assessments from Trend Micro which can be accessed here? These assessments provide context and perspective that may reinforce what you already know or, possibly, highlight areas deserving of some attention and course correction.
There will most likely never come a time when risk can be perfectly managed without some give and take as well as trial and error. As the level of sophistication and creativity of threat actors, coupled with the automation and exponential power of AI and Machine Learning, continues to present challenges to organizations attempting to keep breaches from occurring, it is becoming increasingly difficult to stay ahead of the ever changing threat landscape without having a platform approach to cybersecurity.
Clearly there is value and benefit in having the attack surface presented and managed in a centralized repository of insightful, real-time recommendations, with effective and rapid remediation, and prioritization scoring to aid in determining where and what to apply which level of risk mitigation at a given moment in time. At the very least the platform approach can provide another layer of defense in depth peace of mind. Ideally, and ultimately, a next generation cybersecurity platform can place a cybersecurity team in more of an offensive rather than defensive posture.
At Trend Micro we believe the Vision One Platform is a unique, best-in-market solution for such a time as this and are at the ready to engage in the conversation with you and your team as we identify potential areas where we can support your risk mitigation efforts. But don't take our word for it - you can review and consider what others say about Trend Micro by navigating to this landing page and considering the opinion in this Forbes article entitled “The Unwavering Growth And Innovative Future of Trend Micro.”
If you haven't considered Trend Micro in recent years perhaps it's time to revisit how a pioneer and trailblazer of the cybersecurity industry can assist you with its next generation cybersecurity platform methodology.
Here's to your organization's security, your peace of mind, and a successful and safe year ahead.
Investor looking to purchase businesses doing at least $200k in EBITDA
11 months ago
Sounds like an impressive platform!
Director @ Trend Micro | Customer Excellence
11 months ago
Cheers, James, to a safe 2024 for organizations!
Sr. Account Manager at Trend Micro
11 months ago
James Madden, if there were a Pulitzer Prize for Cybersecurity Literature - I nominate YOU!
Sr. Security Engineer at Trend Micro
11 months ago
A very holistic overview of the current state of cybersecurity and how Trend Micro has been building a platform to help our partners be secure and successful in today's threat landscape.
Wow. Every person in Cyber Security needs to read this.