Today, cybersecurity is vital to the safety and security of your company and its data. Developing a proper risk assessment strategy for cyberattacks is about as necessary as breathing. Not only can an incident get you in a lot of trouble with your customers, lowering your reputation, but it can also get you into legal…
Effectively connect people, process and technology to minimize MTTD and MTTR
There’s a reason it’s said that what gets measured gets managed. In order to successfully achieve a goal, you have to be able to measure progress. It’s the only way to know if you’re heading in the right direction.
That’s why any security operations team worth their salt will be paying close attention to both their mean time to detect (MTTD) and mean time to respond (MTTR) metrics when it comes to resolving incidents.
The average dwell time for attackers still sits somewhere within the ranges of 100 – 140 days and frankly, we can do better. Security operations teams need to be fanatical when it comes to lowering these metrics within their organizations.
Significantly reducing dwell time, MTTD and MTTR starts with an understanding of attacks. From there, you need multiple groups working together in harmony enabled by technology to automate and orchestrate incident response processes.
Often when speaking to people about the cloud, their first reaction is that it isn’t safe and they won’t use it. Odds are that they, and most everyone else who owns an Internet connected device, is already using the cloud.
Let’s take a step back and define the cloud. In essence, it’s just a network of servers — which are large, super-powerful computers. Anything that’s referred to as “cloud-based” or “in the cloud” means it primarily lives online, instead of on something physical in your possession like a CD or your computer’s hard drive.
A good rule of thumb for determining whether something is “cloud-based” is asking yourself the following question: Can I easily log into this service from another device, like my phone or a different computer? If the answer is yes, then the service is probably based in the cloud.
We get asked this question frequently, “What the difference between a vulnerability assessment and penetration assessment?”. It’s a great question and one we’d like to shed a bit more light on throughout this blog. Both engagements are aimed towards shedding light on areas within your cybersecurity posture that need improvement. We regularly perform vulnerability assessments and penetration tests for our clients tasked by regulatory compliance to adhere to a particular standard or to increase their security posture. Both of these tests play an important role within your organization by enlightening you on areas of weakness and decreasing risk from adversaries.