Www.pwc.com/gsiss Toward new possibilities in threat ...

gsiss

Toward new possibilities in threat management

How businesses are embracing a modern approach to threat management and information sharing.

Key findings from the Global State of Information Security? Survey 2017

Table of contents

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Bold new combinations in the cloud. . . . . . . . . . . . . . . . . . . . . . . . . . 5 Integrating key threat-management tools in the cloud . . . . . . . . . . 7 Advanced authentication to catch phishers. . . . . . . . . . . . . . . . . . . . 9 What cloud-based threat intelligence looks like. . . . . . . . . . . . . . . 13 The power of a centralized platform. . . . . . . . . . . . . . . . . . . . . . . . . 14 Tapping into a network of information-sharing resources. . . . . . . 16

How ISAOs improve prospects for information sharing. . . . . . . . 20 A state of pioneering cybersecurity . . . . . . . . . . . . . . . . . . . . . . . . . 22 Toward the future of threat intelligence. . . . . . . . . . . . . . . . . . . . . . 23 Methodology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Contacts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

B Key findings from The Global State of Information Security? Survey 2017

? 2016 PwC

Today, most business leaders know that they are responsible for cybersecurity and privacy threats, wherever they occur in disparate enterprise systems. What many do not understand is how to design, implement and manage a real-time threat-intelligence and information-sharing program.

They are not alone.

An integrated threat-intelligence and information-sharing platform can be a great unknown for even the most cybersavvy of executives. Threat management is an advanced discipline that requires a chess master's skills in strategic and analytical thought. Multiple interconnected systems must be synthesized to ingest, correlate, analyze and contextualize information from multiple sources. Automated information sharing requires considerable know-how in technology and data standards and interconnected processes.

2 Key findings from The Global State of Information Security? Survey 2017

? 2016 PwC

Both demand a foundation of cloud-based monitoring and analysis technologies, an interoperable information-sharing strategy and platform, and carefully tailored processes. To get there, businesses will need in-house or external expertise in four key areas:

? Ingesting and surfacing meaningful, validated intelligence in real time.

? Assessing the organizational impact of that intelligence.

? Identifying actions to mitigate threats.

? Taking prompt technical, legal and operational action.

These four distinct skill sets require no small sum of technical expertise and resources. As such, organizations will need deep cybersecurity expertise as well as a multidisciplinary team that includes stakeholders from IT, legal counsel, risk, privacy and business units. This team will be responsible for creating custom processes to integrate activities across systems and the enterprise.

Threat management requires expertise in four key areas

Taking prompt technical, legal and operational action

01

Ingesting and surfacing meaningful, validated intelligence in real time

04

02

Identifying actions to mitigate threats

03

Assessing the organizational impact of that intelligence

3 Key findings from The Global State of Information Security? Survey 2017

? 2016 PwC

We believe that cloud computing services are foundational to the integration and management of the many moving parts of a threat-management program. A cloud-based model can deliver computational power to monitor and analyze all digital interactions and create a unified repository of information to generate actionable intelligence in real time.

A cloud-centric solution may not be the choice of all businesses-- some may opt to implement and run an on-premise threatmanagement solution. And there are concrete advantages to this approach. For one, organizations own on-premise solutions, and that allows them to fully customize and integrate systems to accommodate individual business needs. It can also give organizations complete control in compliance with government and industry regulations. And because data and applications are stored on servers in house, cybersecurity teams always know where data is stowed.

Despite the advantages, on-premise threat management entails complex challenges and internal resource requirements. Chief among them: Businesses must hire and retain key talent with niche skills to manage large amounts of unstructured threat information and process it so that it can be leveraged effectively. An on-premise solution also requires the resources to hire and retain highly skilled cyberthreat-intelligence analysts to review data and take immediate action on that information. Finally, organizations must have an agile technology ecosystem that can scale to a large set of both internal and external threat information as needed.

Whether on-premise or on the cloud, implementation of a threatmanagement system will be a challenge for even the most highly resourced organizations. But those that tackle this initiative will be better prepared to proactively monitor for threats, identify compromises, quickly respond to incidents and share threat intelligence. Ultimately, these capabilities will help build competitive advantages by protecting customer data, business assets and brand reputation.

4 Key findings from The Global State of Information Security? Survey 2017

? 2016 PwC

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download