Intelligent CISO Issue 54 | Page 29


Editor’s question

In cybersecurity, numbers speak. The Arab Gulf region’s battle with threat actors is chronicled in a seemingly endless flow of media and industry reports. In one study, 59% of UAE organisations reported having been the target of ransomware in 2021 – a drastic increase from 2020’s 38%. In another, 84% of cybersecurity professionals in Saudi Arabia said attacks were on the rise in 2021 because of remote work. These are but surface scrapings of an ongoing war saga in which security specialists try to outwit anonymous villains.

Against this backdrop, defenders would be best served by a living security model – one built upon an open architecture that learns from and adapts to both its own environment and the threat landscape beyond it. There are three main steps to the construction of this intelligent, integrated platform.
1. Improve visibility
Lack of visibility is one of the most pervasive problems facing the modern security team. Without visibility, it becomes impossible to even assess the impact of an incident that has already occurred.
In the event of a breach, time is money. Literally. Every second of dwell time can represent thousands of dollars, so security teams cannot afford to waste those seconds chasing false positives or less critical threats. Tighter integration of security tools means a wealth of data in real time.
Once organisations have access to such a trove of data, they can leverage advanced analytics software to identify not just known threats, but ones that have not been seen before. So, the integrated side of the security platform delivers the required data, and the intelligent side delivers the automation and actionable intelligence that puts the SecOps team back in control of its environment.
2. Accelerate response
An integrated, intelligent security platform delivers better quality in alerts, an orderly work queue, astute analysis and enhanced case management. Taken together, these capabilities ensure that threat hunters are dispatched in time to make a difference and that teams are challenged without being overwhelmed, thereby enhancing talent-retention rates in security teams amid an ongoing regional skills gap.
3. Increase efficiency; reduce costs
Financial costs have an undeniable part to play in investment decisions, but the potential costs to operations and market reputation, as well as legal exposure and potential compliance penalties, must also be weighed. If organisations were to opt for consolidation of legacy point tools into a single cloud-native solution, costs would go down and become more manageable and predictable.

VIBIN SHAJU, PRESALES DIRECTOR – EMEA, TRELLIX

Back in the saddle
If SecOps is to regain control of its digital jurisdiction, it must seek out a platform that delivers tight integration (and therefore, rich data and comprehensive visibility) and state-of-the-art intelligence (and therefore peerless ability to analyse, detect, mitigate and respond). The open architecture that facilitates all of this will be the foundation of a living security model that is flexible enough to learn and grow.

www.intelligentciso.com