MTTD and MTTR: Two Metrics to Improve Your Cybersecurity

Threatpost | January 28, 2020

For any organization to protect itself from cyberattacks and data breaches, it’s critical to discover and respond to cyber threats as quickly as possible. Shutting the window of vulnerabilities promptly makes the difference between a mild compromise and a catastrophic data breach. Understanding your ability to do so gives your organization a powerful way to determine holes in your defenses and areas where your team needs to improve. While there are dozens of metrics available to determine success, here are two key cybersecurity performance indicators every organization should monitor.

Spotlight

Cybersecurtiy expert and Cisco Press author, Omar Santos. In this interview from Cisco Live 2016, Omar Santos discusses cyber threats, sources of information, Cisco solutions like FirePOWER and his books. Great opportunity to listen to a cybersecurity expert in this short interview. For a full hour webinar recording with Omar Santos on FirePOWER and Next-Generation Firewalls

Spotlight

Cybersecurtiy expert and Cisco Press author, Omar Santos. In this interview from Cisco Live 2016, Omar Santos discusses cyber threats, sources of information, Cisco solutions like FirePOWER and his books. Great opportunity to listen to a cybersecurity expert in this short interview. For a full hour webinar recording with Omar Santos on FirePOWER and Next-Generation Firewalls

Related News

DATA SECURITY

Imperva Extends its Data Security Fabric to Include Enterprise Data Lakes Built on AWS

Imperva | July 27, 2022

Imperva, Inc., a comprehensive digital security leader, announces that its award-winning Imperva Data Security Fabric (DSF) now provides data-centric protection and compliance for enterprise data lakes built on Amazon Web Services (AWS). Imperva reinforces its commitment to securing data and all paths to it by allowing AWS customers to secure their data with one comprehensive platform, leveraging a unified security model across Amazon Aurora, Amazon Redshift, Amazon Relational Database Service (Amazon RDS), Amazon DynamoDB, Amazon Athena, and AWS CloudFormation without requiring any changes to their existing data infrastructure. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Imperva DSF includes User Entity Behavior Analytics (UEBA) models that can identify suspicious data access patterns, such as excessive access to sensitive records, the use of privileged service accounts by interactive users, and suspicious network connections. This helps organizations automatically identify and detect potential data breaches without the need for specialized data security analysts. Finally, with Imperva DSF, security operations teams can create playbooks to automatically mitigate threats using native AWS features like security groups or revoking user access using AWS IAM. This ensures organizations stay in compliance while also helping to prevent data breaches. Comprehensive Data Security From one holistic dashboard, Imperva DSF delivers a broad range of data security capabilities – including data discovery, classification, monitoring, access control, risk analytics, compliance management, security automation, threat detection, and audit reporting. This makes it easier for customers to protect the migration of sensitive data, including Personally Identifiable Information (PII) like customer names, email addresses, phone numbers, and gender, and adhere to privacy regulations, such as the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI-DSS), and the Health Insurance Portability and Accountability Act (HIPAA). Tens of thousands of organizations build data lakes on AWS and configure AWS Lake Formation, AWS Identity and Access Management (IAM), and Amazon Simple Storage Service (Amazon S3) policies to secure access to them. Imperva DSF leverages services like AWS Lake Formation and AWS Glue to discover data lakes, monitor how users query and access stored data, and detect and prevent malicious user access and data leakage incidents. Imperva DSF also safeguards critical data workloads across all of their databases, file repositories, data warehouses, multicloud, and data lake environments. Imperva Data Security Fabric can be deployed directly in any AWS Regions using pre-built AWS CloudFormation templates. Once deployed, Imperva DSF will begin discovering and monitoring data lakes. More than 400 pre-defined vulnerability assessment tests are available for cloud databases on AWS. Also, Imperva DSF takes the complexity out of deciding which baselines to establish by including policies based on Center for Internet Security (CIS) and Defense Information System Agency’s (DISA) Security Technical Implementation Guide (STIG) benchmarks that are adapted for the cloud. "AWS allows organizations to quickly and securely build solutions that help them to reach new markets and deliver new services to end users,” says Dan Neault, SVP and GM, Data Security, Imperva. “Imperva Data Security Fabric gives organizations building data lakes on AWS a streamlined experience for securing data, and confidence that their data lakes are in compliance.” About Imperva DSF on AWS The support of data lakes is the latest milestone in Imperva’s work with AWS. Imperva is an AWS Partner with the AWS Security Independent Software Vendor (ISV) Competency and Amazon RDS Ready Product validation. Imperva also participates in AWS Marketplace and AWS ISV Accelerate Program. About Imperva Imperva is the cybersecurity leader whose mission is to help organizations protect their data and all paths to it. Customers around the world trust Imperva to protect their applications, data and websites from cyber attacks. With an integrated approach combining edge, application security and data security, Imperva protects companies through all stages of their digital journey. Imperva Research Labs and our global intelligence community enable Imperva to stay ahead of the threat landscape and seamlessly integrate the latest security, privacy and compliance expertise into our solutions.

Read More

SOFTWARE SECURITY

Hub Security Signs Agreement With Leading Cyber System Integrators

Hub Security | July 01, 2022

HUB Cyber Security (Israel) Limited, a developer of Confidential Computing cybersecurity solutions and services, announced today an agreement to sell HUB's Confidential Compute solutions to US enterprises and telecommunications companies with one of the largest US cyber security system integrators. In the United States, the integrator focuses on supplying equipment and services for 5G networks and edge computing. The engagement is for two years and can be extended by mutual consent between both parties. This is HUB's first strategic partnership in the US market, and the company expects it will improve product sales in the US and have a major influence on revenues over the next 24 months. "We are on a path to hyper growth in the sales of our Confidential Computing solutions worldwide over the next five years to establish ourselves as a leader in this space. The U.S. is a prime target and we intend to build a string of partnerships for rapid introductions and deployments of our solutions in Fortune 500 companies and government agencies." Eyal Moshe, CEO of HUB Security

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Synack Joins the Microsoft Intelligent Security Association, Bringing the Power of Continuous and on Demand Security to Microsoft Azure

Synack | September 13, 2022

Synack, a premier platform for on-demand security expertise, announced that it has joined the Microsoft Intelligent Security Association (MISA) and is available through integration with Microsoft Sentinel, giving enterprises globally seamless access to a worldwide network of top security researchers working around the clock to protect their cloud assets. Becoming part of MISA, an ecosystem of independent software vendors and managed security service providers, builds on a growing collaboration between Synack and Microsoft and is a testament to both organizations' commitment to providing easier, more flexible and scalable cybersecurity solutions. Microsoft Sentinel is a cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution designed to reduce unnecessary friction in the vulnerability remediation process. It also provides early threat detection and rapid response to sophisticated attacks to facilitate shorter resolution times and lower the number of security incidents. "Our integration with Microsoft Sentinel couldn't be more timely and important today as organizations everywhere are scrambling to find enough skilled practitioners to protect them against punishing cyberattacks. We help solve that talent gap with our platform that combines a powerful network of ethical hackers with the most advanced technology. "We look forward to building on this important relationship with Microsoft." Jay Kaplan, Synack's CEO Cyberattacks on cloud environments are expected to increase, putting enterprises and critical infrastructure providers at greater risk of supply chain, ransomware and nation-state attacks. As a result of these threats, the Biden administration has called on organizations to deploy third-party testing "to test the security of your systems and your ability to defend against a sophisticated attack. Many ransomware criminals are aggressive and sophisticated and will find the equivalent of unlocked doors." The Synack integration with Microsoft Sentinel enables customers to respond to this challenge. "Members of MISA integrate their security solutions with Microsoft's security technology to gain more signal, increase visibility and better protect against threats. By extending Microsoft's security capabilities across the ecosystem, we help our shared customers to succeed," said Maria Thomson, Microsoft Intelligent Security Association Lead. "This vibrant security ecosystem is valuable to our shared customer base because it reduces the cost and complexity of integrating disparate security tools." Synack will deliver insights through its Microsoft Sentinel integration, enabling security teams to correlate these findings with Microsoft Sentinel data to gain end-to-end visibility, comprehensively investigate and take action on threats. In addition to the Microsoft Sentinel integration and MISA membership, Synack also recently announced another integration with Microsoft's Security and Compliance for Cloud Infrastructure solution that will further enhance Microsoft Azure protections. ABOUT SYNACK: Synack's premier on-demand security testing platform harnesses a talented, vetted community of security researchers and smart technology to deliver continuous penetration testing and vulnerability management, with actionable results. We are committed to making the world more secure by closing the cybersecurity skills gap, giving organizations on-demand access to the most-trusted security researchers in the world. Headquartered in Silicon Valley with regional teams around the world, Synack protects global banks, federal agencies, DoD classified assets and more than $6 trillion in Fortune 500 and Global 2000 revenue.

Read More