DNS Resolutions
With 2018 in the rear view mirror for most, we wanted to look at some attainable goals for 2019 within organizations.
Actionable Cybersecurity Resolutions for 2019
- Dedicate 5 hours a week to Threat Hunting
- Focus on Orchestration
- Go back to the basics (Back to the Future)
Threat Hunting
In 2018 we saw a shift in the industry, not only was Threat Hunting a buzzword, but it was moving toward as a focus in more organizations. According to a recent SANS Threat Hunting Survey, nearly 90% of respondents that threat hunting provided a measurable improvement in the overall security of their organization in the past year. The SANS organization also recommends that organizations “prioritize new staff and training existing staff to ensure that they are ready to make use of their technology investments.” They also stressed the importance of approaching threat hunting as a human-driven process that is hypothesis driven process. If you are currently looking to start a threat hunting program, David Monahan at EMA and one of our engineers talked about the steps to establishing a Threat Hunting program:
- Have a repeatable process
- Maintain an activity log
- Maintain source data
- Maintain data integrity
- Investigations are an art and science
Focus on Orchestration
As an industry our skills gap is only growing and we are finding ourselves increasingly unable to meet the needs of our organizations in terms of security posture and maturity. Orchestration has the ability to help organizations with security processes, automation of specific actions, and inform your team, with the end goal of efficiency. In order to truly adopt these fairly new technologies we still need a focus on PPT (people, process and technology) and in my mind, in that order.
Back to the Basics (Back to the Future)
I saved the best for last. Although the latest technologies and new ways of looking at threats are steps that will be integral to an organization’s security maturity, part of that maturity is laying down the foundation. In “The Third Annual Study on the Cyber Resilient Organization” by Ponemon they found that 77% of businesses lacked proper incident response plans. In short, be sure to create measurable goals so you can realize the values you see from specific programs and processes you implement.