Part of the explanation is that the cyber threat landscape is continually evolving and attackers are finding innovative new ways to circumvent network defences. Also, most security devices are programmed to recognise and alert on attacks by correlating activity against rules and signatures that indicate a known threat—an approach that will increasingly fail as the evolution of the threat accelerates and as attackers move to bespoke malware.
Even when security devices detect an attack and generate an alert, analysts often lack the information necessary to interpret what the alert is telling them, or are too swamped by alert volumes even to process and respond to material breaches.
To detect unknown threats—those that are new and for which signatures have not yet been created, or that are designed to exploit a zero-day vulnerability that no one else has yet reported—businesses require a solution that helps security managers and analysts quickly find the most significant cyber threats they are facing, and decide where they should best focus and deploy scarce IT security budget, resources, and skills.
Threat intelligence
It is also important to widen the security focus to include unknown and new threats, and to understand the unusual behaviour patterns that can be identified in data. This is known as threat intelligence. Threat intelligence delivers rich information on new malware, previously unknown perpetrators, emerging trends, and more. This can fuel analytics and provide a better understanding of the threat environment.
Audits cover a much broader range of issues than simple financials. The audit should consider a holistic view of the company’s health, including specific feedback on areas such as going concern, impairment assessments, inventory valuation, and intangible assets.