noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

Itron Inc.

Dr. Monforte’s Retirement Brown Bag: The Past, Present and Future of[...]
Deschutes County, OR

County Environmental Health offers tips for safe holiday cooking
Tim Kaine

Kaine & Bonamici Lead Colleagues in Urging Congressional Leadership to[...]

Technology

Trend Micro Inc.

11/25/2024 | News release | Distributed by Public on 11/25/2024 11:17

Embracing a Risk-Based Cybersecurity Approach With ASRM

Cyber asset discovery

First, you need total visibility to discover and continuously monitor known, unknown, internal, and internet-facing (external) assets. Siloed point products across vectors like endpoints, users, devices, cloud, and networks limit overstretched security teams from taking stock or performing manual audits. Also consider that new projects with open-source dependencies and user/device accounts are spun up instantly, meaning you need to be able to see your entire ecosystem as it changes, not after.

The goal is to gain visibility to answer questions such as:

What is my attack surface?
How well can I see what assets are in my environment?
How many, what types, and what attributes are associated with these assets?
What are my high-value assets?
How is my attack surface changing?

Risk assessment

Being able to see your entire ecosystem as it changes is the first step. Next, your security teams need to assess and prioritize any weaknesses or vulnerabilities. This doesn't just apply to systems but user types as well. For example, executive-level employees are the most common targets for business email compromise (BEC).

In addition, we've seen an uptick in campaigns targeting software supply chains and DevOps pipelines, meaning processes also need to be evaluated for any security gaps.

Ideally, this risk information will be contextualized for greater understanding so you can answer the following questions:

Can I quantify my risk? What is my overall risk score?
Is my risk score increasing or decreasing over time?
How does it compare to peers in the industry?
Where do I see the most significant security risks?
What risk factors need immediate attention?

Risk mitigation

While discovering and assessing risks across your digital attack surface is important, it's also critical to receive actionable prioritized mitigation recommendations to lower risk exposure. Virtual patching, changing configuration options on a prevention control, and controlling user access parameters are just a few examples.

Furthermore, mitigation should be automated wherever possible to increase efficiency and reduce the chance of a successful attack or breach.

With the skills shortage introducing very real challenges to managing your attack surface, the opportunity to create a common framework and a single pane of glass is paramount to effective cyber risk management. Enter XDR and zero-trust strategies.

The importance of XDR

Investments in XDR means you have data, analytics, integrations, and technology in place that could serve as a foundation for serving other use cases and providing insight and operational value beyond the realm of detection and response.

More proactive risk prioritization and mitigation benefits your SOC by reducing overall exposure and the scope of a security incident. Conversely, detection data collected by XDR provides you with valuable insight into attack surface threat activity and shows you how current defenses are coping. In turn, this can inform risk assessments and response recommendations.

Learn more in The Race to Support Overwhelmed Security Teams with XDR and SOC Modernization

Supporting zero-trust strategies

Proactive cyber risk management depends on operationalizing elements of a zero-trust strategy. Zero trust is an extension of the principle of least privilege, wherein any connection-whether it's from within the network or not-should be considered untrustworthy. This is crucial in your modern hyper-connected, remote work environment, which has increased the number of different entry points or connections into the enterprise.

As always, this needs to be an ongoing process that constantly evaluates identity, user, and device activity, as well as application, vulnerability, and device configuration. The demand for continuous assessment has led to many SOCs shifting toward the secure access service edge (SASE) architecture, which combines discrete capabilities such as cloud application security broker (CASB), secure web gateway (SWG), and zero trust network access (ZTNA) for more granular control across your network.

Sharing and Personal Tools

Please select the service you want to use: