Does anyone employ active threat countermeasures at your company and if so what do you use?



Director of IT in Manufacturing, 51 - 200 employees
Currently we employ the Velo from Windstream for our interconnectivity from office to office. We have Cyren and the cloud monitoring our traveling and off-premise employees, we have Cylance as an AV engine as well as the global install of McAfee, which does little for us. We also have Cisco firewalls in place both in data centers as well as between internal levels of the network. We have a SIEM system running and monitoring for Windows file changes, and we have other software which assists us in our efforts.
1
Senior Director in Finance (non-banking), 10,001+ employees
We are in the process of re-evaluating appropriate countermeasures. If you are considering making changes, would recommend looking at Splunk and IBM products to begin with.
1
VP of Global IT and Cybersecurity in Manufacturing, 501 - 1,000 employees
Would also recommend Splunk, Sumo Logic.

Chief Security Officer in Software, 10,001+ employees
Thanks. We use Splunk and other security tools, but those aren’t active countermeasures. Active countermeasures change and respond based on the attack, such as software-defined network technologies that become tar pits for attackers by slowing down protocols, or network devices/services that launch pre-canned responses to attacks (such as an attack itself).
in Finance (non-banking), 501 - 1,000 employees
Hello Lee, we are doing both systems and physical security. I am trying to find an application to watch our team behavior through our network and actions taken. On the other hand, we are trying to follow up on normal procedure and stick to it, such as biometric devices everywhere with two-factor authentication with face detection, mandatory vacation, etc. Hope this helps you. Thanks, Ihab
2
Director of Technology/CTO in Education, 1,001 - 5,000 employees
We may or may not - being an appropriately paranoid IT security leader, is this thread an attempt to identify easy targets? All joking aside, we use LogRhythm and other tools to maintain our security environment, along with end user training to prevent malware proliferation through phishing.
2
CFO in Finance (non-banking), 2 - 10 employees
No active measures as our diminutive size was a bit cost prohibitive; we did look at Splunk though and had a very favorable impression.
1
in Software, 10,001+ employees
Darktrace. It is a UK company that worked to develop the technology with MI6. Quite interesting technology. They have offices in the US.
3 1 Reply
Chief Security Officer in Software, 10,001+ employees

I’m less than impressed with Darktrace, but glad it is working for you.

in Software, 10,001+ employees
https://www.darktrace.com/en/
1
CEO in Services (non-Government), 2 - 10 employees
The short answer is that we do employ threat countermeasures at my previous company and even in my current one. But here are more details. Security is like a grading system in schools and colleges. You have to get a good grade on your basic subjects and then you can use the extra credit points to make it even better. One cannot get a bad grade on the basic subjects and use extra credits to get an overall good grade. In the security world, the basics you can do for security are absolutely critical. Look at the security compromises at Home Depot, Bank of America and all the other major compromises. You will find basics like phishing education, security patching, application security, DoS protection, partitioned permission access, no-password hardcoding in applications etc. were the cause. You can have the best threat countermeasure, but if an employee clicks on the email that says “I can make you a millionaire … click here” everything else is useless. Here is the bad news – even if one employee clicks on it and all 99.999% do not then also every other security stunt may be useless. So my advice to you is to ask the questions:

1. What are the top 10-15 basics we need to be good at?
2. Is your company covered on all the basics?
3. Do you need to do more than the basics?
4. Then and only then look for every other solution in the industry.

Let me leave you with the bear story. When running away from a bear – you do not have to run faster than the bear. You have to run faster than a couple of other people.
1
