Thanksgiving in the US has passed and year end is in sight. As the end of the calendar year draws near, let’s consider a few short-term objectives you can complete right now that will have a long-lasting effect on your security programs in 2019.
1. Optimize Your Security Tools Around Standards
Do you find your security teams performing repetitive tasks without much value? Consider, for example, how many times an analyst receives a PDF with a giant list of IPs of potential command and control servers. After receiving those emails, they then have to manually copy the list into a SIEM to make watch lists.
There is a much better way to handle cyber threat intelligence. Your tools and vendors need to be using STIX and TAXII right now. At New Context, not only are we contributing authors to the STIX and TAXII standards, we develop custom integrations between your SOC applications to optimize performance. No more PDFs, no more emails, no more copy/paste that is fraught with error and consumes time.
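As an added illustration (not New Context's code and not part of the original post), the Python below turns a STIX 2.1 bundle, of the kind a TAXII collection would serve, into an IPv4 watch list for a SIEM while honoring revocation and validity windows. The bundle contents, helper names and fixed date are constructed for the example, and only patterns made of OR-ed IPv4 equality tests are accepted; everything else is reported as skipped.

```python
import ipaddress, json, re
from datetime import datetime, timezone

def _ind(n, pattern, **extra):  # one constructed STIX 2.1 indicator
    return {"type": "indicator", "spec_version": "2.1",
            "id": f"indicator--00000000-0000-4000-8000-{n:012d}",
            "created": "2018-11-01T00:00:00Z", "modified": "2018-11-01T00:00:00Z",
            "pattern_type": "stix", "pattern": pattern,
            "valid_from": "2018-11-01T00:00:00Z", **extra}

# Constructed sample (documentation-range IPs), standing in for the objects a
# TAXII collection would return. Not real threat data.
SAMPLE_BUNDLE = json.dumps({"type": "bundle",
    "id": "bundle--00000000-0000-4000-8000-000000000000", "objects": [
        _ind(1, "[ipv4-addr:value = '198.51.100.7' OR ipv4-addr:value = '203.0.113.9']"),
        _ind(2, "[ipv4-addr:value = '192.0.2.44']", valid_until="2018-11-15T00:00:00Z"),
        _ind(3, "[ipv4-addr:value = '192.0.2.80']", revoked=True),
        _ind(4, "[ipv4-addr:value = '999.1.1.1']"),      # malformed address
        _ind(5, "[domain-name:value = 'c2.example']"),   # not an IP indicator
    ]})
DEMO_NOW = datetime(2018, 11, 28, tzinfo=timezone.utc)  # constructed "today"

CMP = r"ipv4-addr:value\s*=\s*'([^']*)'"
# Only a single observation made purely of OR-ed IPv4 equality tests is accepted.
SIMPLE = re.compile(rf"\s*\[\s*{CMP}(?:\s+OR\s+{CMP})*\s*\]\s*")

def _ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def build_watchlist(bundle_json, now):
    """Return (sorted active IPv4 addresses, ids of indicators skipped)."""
    ips, skipped = set(), []
    for obj in json.loads(bundle_json).get("objects", []):
        if obj.get("type") != "indicator":
            continue
        pattern = obj.get("pattern", "")
        expired = "valid_until" in obj and _ts(obj["valid_until"]) <= now
        usable = (not obj.get("revoked") and not expired
                  and _ts(obj["valid_from"]) <= now
                  and obj.get("pattern_type") == "stix" and SIMPLE.fullmatch(pattern))
        try:
            found = {str(ipaddress.IPv4Address(v)) for v in re.findall(CMP, pattern)}
        except ValueError:
            usable = False  # reject the whole indicator on a malformed address
        if usable:
            ips |= found
        else:
            skipped.append(obj["id"])
    return sorted(ips, key=ipaddress.IPv4Address), skipped
```

Calling `build_watchlist(SAMPLE_BUNDLE, DEMO_NOW)` yields the two active addresses plus the ids of the expired, revoked, malformed and non-IP indicators, so skipped items can be reviewed rather than silently dropped.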
Here is how New Context is embracing this standard:
- Globally recognized for work in developing standards for Cyber Threat Intelligence
- Extensive cybersecurity threat intelligence domain knowledge
- Author of the STIX patterning quick reference guide
- Created utility specific STIX extensions for DNP3 and Modbus
- Developed tools to represent ICS specific temporal event indicators of compromise
- Enabled mechanisms to perform multi-sensor correlation for OT networks
2. Review Policies
I have no doubt that your organization has been affected by some level of changes to regulations or compliance requirements. Do you remember all those zillions of emails you got about GDPR? Before the year ends, take time now to review your policies for what’s ahead.
- It’s likely you need to perform annual policy reviews and sign-off anyway. Spend a little time reviewing now before the holidays hit.
- Were you affected by any recent legislation at your state level? Now is a good time to start that research.
3. Consider A Tools, People and Processes Review
Are you looking for ways to substantiate budget requests in 2019? Consider performing an assessment. I’m not talking about the usual vulnerability scan or pentest. Take a strong look at the performance of your team as it pertains to their efficiency and security risk.
We understand that security and compliance are now board-level topics. Knowing your organization’s risk level helps to enable the business. Furthermore, we understand that it’s a challenge to reduce risk and costs while also making your organization more optimized.
Many times we find that our C-level customers are unaware of the organization’s risk posture. At lower levels within your reporting structure, we often discover that teams have misaligned priorities and incentives. The conflicting priorities and lack of company visibility present difficult challenges to a company’s management.
These are some of the reasons why we developed LS/IQ, our Lean Security Intelligence Platform.
2019 is clearly in sight. We should be looking at ending the year with a strong finish on bolstering our security programs. Take a strong, and perhaps first, step toward supporting standardized cyber threat intelligence in your security operations center. Take a look at your policies, tools and processes to identify your gaps and make a solid plan for 2019. At New Context, this is what we do every day for our critical infrastructure customers.