April 13, 2018 • Resolve Staffer

Resolve Systems was a bronze sponsor at the annual CIFI Security Summit in Singapore. For two days, at the Marina Mandarin Singapore, cybersecurity experts from financial services, healthcare, telecommunications, high tech, and more were in attendance discussing Cybersecurity, Digital Forensics, Investigations, and Intelligence.

Bringing together security experts from across Asia, Resolve Systems was there to discuss how to accelerate security incident response with Resolve, the leading automation and orchestration platform. With on-site demonstrations, best practices conversations, and use cases with the global business leaders in attendance, the CIFI Summit was the perfect opportunity to address the business challenges of CISOs today. Resolve Systems shared 3 critical strategies to address these challenges.

Strategy #1 Have a Security Incident Response Plan On Demand

Even if you use a MSSP, your team still needs to know the response capabilities and have a security incident response plan in place to mitigate risks of a breach. Gartner said in their New Research, “You need to know how to start a detection and response effort” even if you use an MSSP. In fact, Gartner InfoSec Analyst Dr. Anton Chuvakin conducted a poll of security analysts and they overwhelming responded that usable security foundations is where Gartner should keep focus; it’s clearly a necessity. Foundationally having a process in place – a Security Incident Response plan – is mandatory in today’s cybersecurity environment. This plan must be aligned with your business objectives, company culture, and the scope of your technology.

Effective Security Incident Response reaches beyond the SOC to achieve resolution. Read the White Paper now to see how.

Strategy #2 Alleviate Headcount Dependencies [with Automation Software]

With all the issues CISOs and their SOCs face, the issue staying top of mind (including with industry analysts) is a lack of skilled in-house cybersecurity staff. An unskilled or nonexistent workforce is not to be taken likely. So, what can be done about staffing concerns?

You are faced with a couple options. Either hire more talent – which has its own obstacles – or upskill your current employees. Cybersecurity is not often underfunded but a necessary cost of doing business, so why is it often so hard to hire cybersecurity talent? Beyond the cost and limited options in the workforce as ESG’s analyst Jon Oltsik writes about in his CSO article “Cybersecurity skills shortage creating recruitment chaos,” your options quickly become (ordered from priciest to least costly, in our experience):

  1. Hire additional security incident response experts
  2. Upskill your current cybersecurity team/talent pool with training
  3. Train personnel from other departments to cover cybersecurity (as there is often a lack of cybersecurity industry expertise in the marketplace)
  4. Shift left the expertise of subject matter experts to level 1 analysts and engineers with automation

Watch the video now to see an automation evangelist discuss how successful automation strategies require focusing on people.

Strategy #3 Look Beyond Prevention & Detection

Cybersecurity historically focused on preventative-based approaches such as firewalls, antivirus, and intrusion prevention systems. Having confidence in these tools is a must, but relying on them 100% is a thing of the past. Even with heavy financial and time investments, nearly half of all organizations experienced a significant security incident in 2017..

To protect your IP, personal data, and all the other critical information infrastructure, prevention tools aren’t the only way to defend against an increasing threat landscape (including the impact of Ransomware). Shift focus to detection and response capabilities to minimize risk and impact of an incident.

Are you overlooking Security Incident Response? Don’t be left vulnerable. Read 451 Research’s Business Impact Brief now.

Focused on enabling cybersecurity teams to do more with less, shifting expertise to the left, and orchestrating security incident response across the enterprise – from the NOC to the SOC – Resolve is the leading security incident response platform to accomplish these goals and alleviate some of the challenges facing cybersecurity professionals today with automation and orchestration.

Want to read more about Resolve Systems’ position as a major player, according to IDC? Read the MarketScape Analysis now.

Resolve Staffer

About the Author, Resolve Staffer:

This post was written by one of the awesome contributors on the Resolve team.