The Art of Ruthless Prioritization and Why it Matters for SecOps
McAfee Blog – Randy Kersey
One of the important goals of SecOps is a faster and more effective collaboration among all personnel involved with security. For this process to be optimized, we believe that ruthless prioritization is critical at all levels of alert response and triage. This ruthless prioritization requires both the processes and the supporting technical platforms to be predictive, accurate, timely, understandable for all involved, and ideally automated. This can be a tall order.
A Data-Driven Approach to Prioritization
The first approach to prioritization, consistent with the tenets of zero trust, is to take a data-driven approach. Customer data and intellectual property are often at the center of every organization's most protected jewels. One way to move this into focus within SecOps would be to implement Data Loss Prevention (DLP). DLP, per Gartner, may be defined as technologies that perform both content inspection and contextual analysis of data sent via messaging applications such as email and instant messaging, in motion over the network, in use on a managed endpoint device, and at rest in on-premises file servers or in cloud applications and cloud storage.
A Threat-Driven Approach to Prioritization
The goal, of course, is to identify and prevent these most likely attacks before they occur or stop them rapidly upon detection.
An Asset-Driven Approach to Prioritization
This can be a function of the data they may uniquely hold, and the access to network, applications, and information resources frequented by their owners, or the level of criticality of the asset's function.
Link: https://www.mcafee.com/blogs/enterprise/security-operations/the-art-of-ruthless-prioritization-and-why-it-matters-for-secops/