Adapting Your Security Strategy in the Ever-Changing Threatscape

The modern threat landscape is constantly changing. How can an organization maintain mission and business focus in the presence of an evolving adversary? If we take a business-centric approach, technology leaders will tell you that the organization's security posture and capability should evolve to maintain parity with mission and business priorities.

The demands of the changing threat and the demands of the changing business can sometimes appear incompatible. Of course, one can't simply overhaul the security infrastructure every time a new class of threat appears. Ransomware is getting quite a few headlines these days, but that doesn't mean traditional problems such as rogue devices gaining access to your network are going away.

To combat the ever growing list of cybersecurity challenges, our partner Accenture has announced a new integration with Splunk, Palo Alto Networks and Tanium to deliver the Accenture Cyber Defense Platform (ACDP).

What capabilities would an organization need to reduce their overall risk from old and new threats?

  • Network visibility: Not just basic communication stats like NetFlow, but deep visibility into the applications, services and user interactions behind the traffic.
  • Endpoint visibility: Whether they are the laptops of travelling executives or virtual machines running business applications in the cloud, endpoints are what attackers directly impact.
  • Analytics: To identify anomalies on the endpoints and the network, create alerts and enable investigations.
  • Automation: To reduce time to response, both by gathering more context for events and by taking action on high-confidence events.
  • Business and technology expertise: A trusted party must provide technology and business guidance so that complex technologies actually reduce risk for a demanding business.
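To make the first four capabilities concrete, the following is an added example written for this page; it is not code from the original post, from Splunk, Accenture, Palo Alto Networks or Tanium, and it does not represent how ACDP works. It joins constructed network-flow records (with the application layer a firewall adds on top of raw NetFlow) against a constructed endpoint inventory, flags a source that has no endpoint agent coverage (the "rogue device" case mentioned above), scores it, enriches the finding with context, and only proposes an automatic action when confidence is high. The inventory, flow records, application names, scoring weights and the 0.8 threshold are all assumptions chosen for illustration.

```python
"""Added example (not from the original post or any vendor named in it):
correlating network and endpoint visibility to flag a rogue device, then
gating automated response on confidence. All data below is constructed."""
from collections import defaultdict

# Constructed endpoint inventory: hosts that have an endpoint agent reporting.
# Assumption: anything on the network that is not here is unmanaged.
ENDPOINT_INVENTORY = {
    "10.0.1.10": {"host": "exec-laptop-01", "user": "jdoe"},
    "10.0.2.20": {"host": "app-vm-07", "user": "svc-app"},
}

# Constructed flow records. "app" is the application-layer label that deep
# network visibility adds over plain NetFlow (src/dst/port/bytes).
FLOWS = [
    {"src": "10.0.1.10", "dst": "10.0.2.20", "port": 443, "app": "ssl", "bytes": 12_000},
    {"src": "10.0.9.99", "dst": "10.0.2.20", "port": 445, "app": "smb", "bytes": 5_000_000},
    {"src": "10.0.9.99", "dst": "10.0.1.10", "port": 22, "app": "ssh", "bytes": 800},
    {"src": "10.0.9.99", "dst": "10.0.2.21", "port": 445, "app": "smb", "bytes": 3_000_000},
]

# Assumed set of protocols commonly used for lateral movement.
LATERAL_APPS = {"smb", "ssh", "rdp"}


def find_rogue_devices(flows, inventory):
    """Analytics step: return {src_ip: finding} for sources that appear on the
    network but have no entry in the endpoint inventory."""
    seen = defaultdict(lambda: {"dsts": set(), "apps": set(), "bytes": 0})
    for f in flows:
        if f["src"] in inventory:
            continue  # managed host; the endpoint agent covers it
        s = seen[f["src"]]
        s["dsts"].add(f["dst"])
        s["apps"].add(f["app"])
        s["bytes"] += f["bytes"]

    findings = {}
    for ip, s in seen.items():
        score = 0.3  # baseline: unknown device talking on the network
        if s["apps"] & LATERAL_APPS:
            score += 0.4  # using lateral-movement protocols
        if len(s["dsts"]) >= 3:
            score += 0.2  # fanning out to several hosts
        findings[ip] = {
            "confidence": round(min(score, 1.0), 2),
            "apps": sorted(s["apps"]),
            "targets": sorted(s["dsts"]),
            "bytes": s["bytes"],
        }
    return findings


def enrich(finding, inventory):
    """Automation step 1: gather context for the analyst without waiting
    for a human to look each target up by hand."""
    finding["touched"] = [
        inventory[d]["host"] for d in finding["targets"] if d in inventory
    ]
    return finding


def decide_action(finding, threshold=0.8):
    """Automation step 2: act automatically only on high-confidence events;
    everything else goes to an analyst."""
    if finding["confidence"] >= threshold:
        return "isolate_and_alert"
    return "alert_for_analyst"


def triage(flows=FLOWS, inventory=ENDPOINT_INVENTORY):
    """Run the whole pipeline and return {src_ip: (finding, action)}."""
    results = {}
    for ip, finding in find_rogue_devices(flows, inventory).items():
        enrich(finding, inventory)
        results[ip] = (finding, decide_action(finding))
    return results


if __name__ == "__main__":
    for ip, (finding, action) in triage().items():
        print(ip, finding, "->", action)
```

The point of the example is the join: neither the flow records alone (which show traffic but not whether a host is managed) nor the endpoint agent alone (which cannot see a host it is not installed on) would produce the finding, and the automation only acts on its own once the score crosses the threshold.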

No single provider or supplier can deliver all of these capabilities. They can only be achieved when proven technology and services providers work together as an ecosystem, for the customer. The ACDP provides advanced threat detection, correlation, search and incident management capabilities designed to help organizations respond to and remediate sophisticated cyber threats on demand, at speed and at scale. Black Hat 2016 attendees can view a live demonstration of the offering at Splunk booth #1348.

Monzy Merza
Chief Security Evangelist

Monzy Merza serves as the head of security research at Splunk. With over 15 years of cybersecurity leadership in government and commercial organizations, Monzy is responsible for helping advise and implement strategic security programs for Splunk's cybersecurity customers, working hand in hand with executives across the Fortune 500 to develop modern security architectures. Monzy also leads the Splunk Cyber Research team, which arms Splunk customers with actionable threat intelligence to combat advanced threats. A noted international speaker, Monzy frequently presents at government and industry events on topics such as nation-state threat defense and machine learning. His current security research is focused on integrated approaches to human-driven and automated responses to targeted cyberattacks.
