Truly effective IT and operations groups should put processes in place ahead of time to determine who was behind the breach, what systems were affected, where and how they were impacted and how to make improvements to ensure that this exact breach method won’t succeed again. Rather than focusing solely on prevention or chasing attacks after they happen, organizations must anticipate events that will impact the risk and compliance postures of the organization.
This paper will explore a different, more efficient model of monitoring and response that enables IT security and operations groups to monitor the environment continually, build much deeper context of behavior in the environment and respond more effectively in the event of a breach.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program