We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
SAINTCON 2016 Keynote - Steve Caimi - Effective Detection
Integrating technologies, leveraging open APIs, and automating processes are key to effective detection in today's fast-paced threat landscape, where visibility, situational awareness, and continuous monitoring are crucial.
- The speaker emphasizes the need for organizations to integrate their technologies to achieve effective detection.
- He highlights the importance of having visibility into encrypted traffic without decryption, to identify malicious activities.
- Steve Caimi also emphasizes the importance of leveraging open APIs to integrate vendor solutions and enable effective detection.
- Automation is key to detection, he believes, and the automation process needs to be integrated with other processes like identity, protect, detect, respond, and recover.
- The speaker highlights the limitations of relying solely on manual efforts in detecting threats, and emphasizes the importance of automation.
- He stresses that in today’s threat landscape, threats are moving at the speed of business, and organizations need to keep pace.
- Effective detection requires having visibility into what is happening across the organization, including user activity and traffic patterns.
- Caimi encourages organizations to adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework, which provides a comprehensive approach to cybersecurity management.
- He highlights the importance of people, process, and technology in enabling effective detection, and notes that effective security is a continuous process.
- Automation can help in detection by reducing the time it takes to detect anomalies, enabling quicker response and minimizing damage.
- The speaker emphasizes that threats are changing rapidly, and organizations need to adopt a proactive approach to security.
- He highlights the importance of visibility and situational awareness in detection, and notes that organizations need to understand normal and abnormal traffic patterns to identify malicious activities.
- Effective detection also requires leveraging threat intelligence and conducting continuous monitoring and testing.
- The speaker stresses that detection is a continuous process that requires ongoing monitoring and improvement.