A significant challenge in cybersecurity at the moment is that there are many risk management platforms available on the market, but only a few manage cyber risks very effectively. Most will shout warnings at the customer as they become apparent and cause great stress in the process. The problem is that by using a reactive rather than proactive approach, many risks sit there, dormant, until an emergency occurs.
“Having covered SOC operations for more than a decade, I have noticed that nearly 60% of SOC incidents are repeat findings that keep resurfacing due to unmitigated underlying risks. Here the actors may be different, but the risk is essentially the same. This is causing significant alertness fatigue.” – Deodatta Wandhekar, Head of Global SOC, SecurityHQ.
Combination of frameworks and best practices
These risks can be prevented. A platform that combines best practices from multiple frameworks is the solution to address this problem.
What is NIST?
The National Institute of Standards and Technology (NIST) plays a central role in providing companies with the opportunity to develop a comprehensive approach to cybersecurity to prevent or reduce the impact of cyber attacks. NIST provides a comprehensive, structured approach to effectively assess, manage, and mitigate cybersecurity risks.
Read “Building a Resilient Digital Future: NIST’s Impact on Cybersecurity” for more details on NIST facilities.
What is MITRE?
The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework is a knowledge base of adversarial tactics, techniques, and procedures (TTPs). These TTPs are based on real-world observations of numerous threat actors and have been made accessible globally as a basis for threat models and methodologies. MITRE has a “mission to solve problems for a safer world by bringing communities together to develop more effective security.”
Read “How the MITRE ATT&CK Framework Revolutionized Cybersecurity” to learn more about MITRE practices.
What is the NCSC?
The National Cyber Security Centre (NCSC) combines the expertise of CESG (the information assurance branch of GCHQ), the Centre for Cyber Assessment, CERT-UK and the Centre for the Protection of National Infrastructure (now the National Protective Security Authority, NPSA). It is a London-based organization with the aim of making the UK a safer place online. The NCSC works collaboratively with other law enforcement, defense, intelligence and security agencies and international partners to ensure their data is as accurate and usable as possible.
Risk intelligence combined with the SHQ response platform
SecurityHQ’s SHQ Response Platform began as a sophisticated cyber incident response solution designed for rapid detection, analysis and mitigation of security threats. It has since evolved significantly, so much so that, according to a recent press release, “SecurityHQ has combined its intellectual property and knowledge of risk mitigation and cybersecurity, merging it with several industry-recognized sources, including NIST, NCSC and MITRE to provide action on how to identify, map and escalate risks.”
‘The SHQ response platform will help reduce this alert stress by focusing on joint risk mitigation. Not only that, it will be critical to translate a simple line risk statement into an actionable mitigation plan. The SHQ Response platform makes risk creation a very simple process by providing the user with a library of tightly linked threat events, impacts and controls by leveraging the industry-standard knowledge base of NIST, MITRE and NVD.’ – Deodatta Wandhekar, Head of Global SOC, Security
- Calculate the impact of security threats on your business.
- Calculate the probability that the risks will occur.
- Identify different tactics and techniques.
- Know how to mitigate risks.
- Access everything from a single platform.
What to do next
Orchestrate and enable collaboration, prioritize incidents, visualize risks, and enhance integration with incident response.
Calculate the impact of security threats and the likelihood of risks occurring and highlight how best to mitigate these risks with risk management.
No matter how great the capability of a tool, remember that a tool is only as good as the experts who operate/control it. To get the full benefits of SHQ Response, you need a team of experts who can analyze and act on data and mitigate risks. To find out more about risk management, contact the team here.
Note: This article was expertly written by Eleanor Barlow, Content Manager at SecurityHQ.