In today's dynamic threat landscape, "real-time" is the operative phrase - and it needs to apply both to threat detection and incident response, says Tim Bandos of Digital Guardian. What are the required security controls and tools?
Bandos, director of cybersecurity at Digital Guardian, says real-time detection and response need to be aligned tightly. "In the event of a threat or compromise being discovered, there really needs to be a methodical approach to how you respond to that activity," he says. "Knee-jerk reactions can cause organizations to suffer even greater consequences."
In an interview about real-time capabilities, Bandos discusses:
- What's at risk for organizations that lack these tools and skills;
- The necessary tools and skills;
- Questions to ask to determine your own organization's real-time capabilities.
Bandos is the Director of Cybersecurity for Digital Guardian. He has over 15 years of experience in the cybersecurity realm with a heavy focus on Internal Controls, Incident Response & Threat Intelligence. He recently joined Digital Guardian after spending time "on the other side of the equation" overseeing an incident response team for a global manufacturer. His role at Digital Guardian is to further build out the Managed Service Program (MSP) to deliver advanced threat protection to our global customer base. He brings a wealth of practical information gained from tracking and hunting advanced threats targeted at stealing sensitive data and is leveraging that contextual knowledge by building it into behavioral based detection signatures and rules for Digital Guardian MSP customers.