Cyber Defense eMagazine December 2019
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Allows Transparency and Drives Learning

Automation also precisely records workflows, which permits a deeper investigation of false positives. Why did each one occur? How can a recurrence be prevented? If controls are too sensitive, what should the readjustment be?

From this insight, databases of knowledge can be compiled to feed artificial intelligence systems, build out playbooks and teach future analysts, forgoing the need to retain so-called tribal knowledge and manual processes to triage, investigate and respond to incidents. In fact, automation’s most profound contribution may be its ability to allow examination of today’s misfires to create the information necessary to prevent tomorrow’s.

Don’t Overlook the Benefits of False Positives

The benefits of false positives? Sounds funny, right? We just finished discussing all the adverse effects false positives can have on an organization, and, yet, eliminating them may not be the best course of action. False positives do provide a valuable service as they can be a useful guideline for monitoring sensitivity control.

An optimal defense threshold is high enough to detect real threats yet low enough not to trigger too many false positives. If your organization is recording zero false positives, you’re most likely missing something. The best strategy is having a few false positives, with automation in place, to help create a stronger screening process moving forward.

Navigating the evolving threat landscape, while striking the perfect defense threshold balance, can be exceptionally challenging for today’s SOC (security operations center). Security automation leverages data in real time, and with the capability it provides to learn from mistakes, false positives will no longer be a debilitating hindrance but rather another tool for the defense.

About the Author

Steve Salinas is a 20-year veteran of the IT and cybersecurity industries. He is currently director of product marketing at Siemplify, a leading independent SOAR provider. For more information, visit: https://www.siemplify.co or follow @Siemplify on Twitter.