Threat hunting often has ill-defined metrics for organizations attempting to measure “return on investment.” If an analyst isn’t finding bad actors in the environment, leadership may question the value they are bringing. If they are finding a lot of actors, leadership may question how effective they are at their job if incident response is constantly being called for false alarms. Furthermore, questions will arise, depending on how long the actors were present in the network, the severity of the breach and if disclosures need to occur.
2 min read
1 min read
Current security controls will need to be re-defined based on how we protect the enterprise with two primary considerations: containerized and virtualized environments according to CIO and CISO of Risk Management Solutions (RMS) Dave Ruedger.