The Missing Piece In Preventing and Detecting Cyber Breaches

Security Week online published “The NIST Cybersecurity Framework Revisited”, and its analysis made several key points:

1) While the NIST framework is a good benchmark, there is no measurable proof that using the framework alone can prevent cyber attacks. Why? The author noted that “guidelines and regulations are static by nature, and cannot evolve to detect and mitigate morphing threats”.

2) Regulatory compliance guidelines not only can’t keep up with cyber attackers, but can even expose holes which attackers can use to build their attack strategy. Simply put, compliance does not equal security.

3) “One of the biggest challenges is managing the sheer volume, velocity, and complexity of data feeds that must be analyzed, normalized and prioritized to stand a chance of detecting an attack”. The Target breach was listed as an example: best-of-breed technology was in place to gather alerts, but the alerts were buried in the sea of data.

The article concluded that “finding a solution to overcome the lack of human resources needed to extract intelligence from security feeds and respond in a timely fashion should remain a focal point for organizations”.

 

 

Foresite admin