The SOC Emergency Room Faces Malware Pandemic>
Dark Reading – Avi Chesla
In the real world, countries which have successfully taken on COVID-19 have moved rapidly, identifying those who carry the virus and separating them form the healthy population quickly and effectively. In our IT organizations, we need to adopt the more disciplined, centralized approach. Steps we should take: Act quickly. Identifying our vulnerabilities (vulnerable, untrained for security, employees working from home, stressed out SOC teams) and putting protections in place before attacks get out of control. ⢠Centralized, disciplined security monitoring and controls over distributed environments with focus on the sensitive assets and employees. Find and isolate the infected hosts early â automated security investigation and response actions with focus on phishing, spear phishing, and other credential theft and account takeover activities.
Link: https://www.darkreading.com/operations/the-soc-emergency-room-faces-malware-pandemic/a/d-id/1337408?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple