How is your organization addressing ransomware in the immediate short-term?
Chief Information Officer in Education, 5,001 - 10,000 employees
If we look at our adversary, they can just outgun us: You can go to the dark web and pretty quickly get anything you need. They've got great customer service. You only pay when you get results. So the attackers are motivated by money and they're ready to roll. On the flip side, we're talking about being defensive. There are countless software vendors saying, "We got this great stuff. It has AI." But what's the SLA for turnaround to recovery for me? The two adversaries, if you will, are lopsided in this equation.
Chief Security Officer, VP of Info Svc, Analytics and Cloud Infra & Operations in Software, 201 - 500 employees
I think that no automation platform out there is going to solve all of the ills. There’s no single pane of glass. It just doesn't exist. But there are some focus areas. I think you can do the security operations and application security in something like a SOAR. But you need to pick something that's aware of controls and frameworks and cross walking and GRC tools for the compliance piece. I think that that's going to remain separate. That's the two I'm looking at, that's the two I'm using right now is Drata and Tines. And while I say there’s no single pane of glass, I haven't completely given up on searching for it. Today I'm using security orchestration, automation and response (SOAR) for that, pulling out data through orchestration to try and create dashboards. It’s not a single pane but I'm trying to set things up so that OpSec, security operations, and compliance hear all the relevant data. That way you don't have to look at 40 tools. You only have to look at 1 or 2, or maybe 3 dashboards.
The problem with corporate networks is that they’re set up to trust everything once it gets in. If you have VPN or 2 factor authentication, then once you're credentialed in, AWS and all your applications are just one VLAN. It's not going to force you to MFA again. So if the bad guy gets in through phishing or other means, they have credentials. Then they can go to your Active Directory (AD) to shut down all your GPOs and then go kill your applications. It's poor design on our part, and we're kind of dragging our feet on this.