In this part of the series I am going to review trend no. 5, 6 and 7. You may notice that I skipped trend no. 4 - it’s an important one but not something we at Splunk are addressing at the moment. Enjoy!
|TREND NO. 1: Leading SRM leaders are creating pragmatic risk appetite statements linked to business outcomes to engage their stakeholders more effectively.|
|TREND NO. 2: There is renewed interest in implementing or maturing security operations centers (SOCs) with a focus on threat detection and response.|
|TREND NO. 3: Leading organizations are utilizing a data security governance framework to prioritize data security investments.|
|TREND NO. 4: “Passwordless” authentication is achieving market traction, driven by demand and the availability of biometrics and strong hardware-based authentication methods.|
|TREND NO. 5: Security product vendors are increasingly offering premium services to help customers get more immediate value and to assist in skills training.|
|How Splunk Can Help|
Our customer success organization includes services such as customer success manager and admin on-demand services to ensure that value is created . Because even though there may be similarities, each data journey at every organization is unique . Splunk customer success managers offer support on anything from use case development and data lifecycle to user enablement and building a center of excellence.
In addition to our online training, we offer educational workshops such as “Phantom for Rookies”, building automation playbooks for phishing or our top-notch capture the flag blue team exercise: Boss of the SOC - investigating and responding to a breach at Frothly - our favorite Beer Brewery whose brewing secrets have been stolen by an APT Group.
Hundreds of security teams have participated at Boss of the SOC over the years, making it one of the largest and most successful blue team exercises in the industry.
|TREND NO. 6: Leading organizations are investing in and maturing their cloud security competency as it becomes the mainstream computing platform.|
|TREND NO. 7: The strategic CARTA approach to security is starting to appear in more traditional security markets.|
|Best Practices From Top Organizations||How Splunk Can Help|
Siemens shared how it has been using a prevent, detect, investigate, respond approach for years to continuously improve its cybersecurity program.
The Bank of England moved from a vendor-lead strategy to an adversary-lead strategy. It is doing so by focusing on the tactics and techniques cyber attackers apply. Moreover, the SOC was modernized and refined, enabling the security team of the Bank of England to spend 80% of its time to create new analytics rather than spending time on incident response. The security team is able to get a turnaround within 2 hours - from learning about a new attacker tactic to implementing the analytics for detection and validation in its environment.
As we work with security teams across different industries, we observed that many organizations mature from a block/prevent strategy to continuous risk evaluation and trust assessment by detecting & responding with the right context in mind.
Thanks for reading! Looking forward to seeing you at Gartner’s Security and Risk Management Summit in London from the September 9th - 11th.