Wise Cybersecurity
In my childhood, my mother always told me: "Javier, please behave, be prudent". The way she said it, the way she looked at me ... she wanted me to stay still, to be quiet. It was a phrase that coerced, that controlled.
It was only when I got my master's degree that I finally learned its true meaning. And it was in religion: it is the virtue of acting justly. In the Royal Spanish Academy (RAE) they define it as "good sense, good judgment".
Prudence is given by performing a process of analysis of our decisions. But the most important thing is to act accordingly. Cybersecurity is based on this virtue.
The CISO (Chief Information Security Officer) has a complex role within organizations. He ensures that the minimum security controls are in place to ensure that the impact of incidents is minimized or within an acceptable level for the organization.
Its problems start with the number of controls. A standard such as ISO 27001 defines up to 114, but one such control can have several elements, which must be applied to all information assets. Additionally, the controls are distributed to several people. But that is not all. Attack methods evolve and change every day, making us need new controls or adjustments to those already in place.
Big Data Technology
The decisions to be made are oriented on 2 fronts: the strategic front that seeks to improve the control model with control evolutions or new technologies; and the tactical front to focus efforts on what is most critical at that moment. For this we require a lot of information and here Big Data technology becomes very relevant.
We need data on all information assets to know what is happening to them: access, unauthorized changes, network connections, DNS requirements and processes, among others.
We also need a lot of information on the effectiveness of controls: their execution, evidence of compliance with their objective, errors and failures, among others. And, finally, intelligence data that nourishes the information collected and helps us to detect anomalies.
Transforming Data into Information
With all that information we generate the information we need to act in an efficient and effective way to reduce the exposure time of our organization.
That action must be effective. Minutes can be critical in our days where a virus infection can affect all the organization's assets, delete data or impact services. That is why all repetitive tasks are susceptible to automation and flows can be created where several tasks are integrated with approval points from different people to help us contain and recover efficiently from attacks.
Currently, A3Sec Group's Center for Security and Digital Surveillance (CSVD)® supports organizations as they implement caution in their security model. We rely on BigData tools that include analytics and machine learning capabilities to efficiently detect threats and/or vulnerabilities that can impact the organization. What is really important is to generate that knowledge to reduce false positives as much as possible and really focus our efforts. And automation and orchestration capabilities to respond efficiently to attacks.
Our CSVD Attack Surface solution is an example of how our Prudent Cybersecurity capabilities support our customers. It does so through orchestration and automation as we manage to continuously collect large amounts of data to detect technical vulnerabilities in systems, integrating vulnerability test results to infrastructure, web applications and intelligence sources that help us understand and manage the security weaknesses of our infrastructure.
Our solution has achieved through the management of KPIs, such as mean detection time and mean response time, to reduce our customers' update and patching processes due to clear and structured information and efficient vulnerability closure strategies.
