Editor’s question
The cybersecurity threat landscape has never been more challenging, sophisticated and serious. Research suggests that in the UAE alone, around US$746 million is lost every year to cybercrime and the country faced a 79% increase in the problem from 2019 to 2020. For firms and IT departments across the region, it’s a constant battle to stay ahead of the bad actors.
Add in the fact that several security teams are either stretched or underskilled, not to mention that many face pressure to keep budgets in check, and it really is a perfect storm. In an effort to level the playing field, security teams are turning to technology. But that comes with challenges of its own.
A lack of clarity
Today, an organisation’s security infrastructure will include everything from Security Incident and Event Management (SIEM) and Security Orchestration Automation and Response (SOAR) to Network Detection & Response (NDR) and Extended Detection and Response (XDR).
Admittedly, the tools each have value, so that’s not the problem. The challenge is that each new tool adds another data silo. Each separately reports its own specific data based on its own particular use and area of the network. And it’s then down to the analysts, who are faced with multiple alerts from multiple systems and solutions, to make sense of it all.
When there are too many alerts, issues can be notified to lots of different teams or, worse, missed altogether. Alert fatigue – where the team is exposed to constant alerts and consequently fails to act when it really matters – is a real problem. This is why XDR tools are designed as a holistic, top-layer solution that collects data from multiple sources to provide a comprehensive picture, enabling real-time incident detection and response. But again, it’s not that simple, as XDRs vary in quality, effectiveness and even function.
Context is key
Enter: the value of contextual insight. Rather than simply churning out data and leaving it to the over-worked analyst to handle, some XDR tools can go a step further by providing that all-important context.
HADI JAAFARAWI, MANAGING DIRECTOR – MIDDLE EAST, QUALYS
All alerts may look basically the same in one tool. But, when brought together with external threat intelligence and other security data, that harmless-looking alert will suddenly have more meaning and jump up the priority list. XDR is designed to break down data silos and provide the context required to help analysts get better insight, by creating a consolidated view of the entire enterprise technology stack and any threats. It pulls together all security solutions and functions into one place, giving analysts a single, comprehensive view of threats across the entire network.
Providing context using XDR gives security professionals the visibility and insights they need to reduce risks and improve their security approach. It empowers busy teams with the clarity and context to enable them to make the right decisions and deal with potential issues – quickly.
www.intelligentciso.com