Detecting a Disaster With Hacker's IP Address: Getting the Strategy Right
The exploitation of vulnerabilities is the root cause of most data breaches today. That's why detecting, remediating or mitigating vulnerabilities are effective steps for protecting your organization from an attack. When a company is breached, every second counts in the race to mitigate damages.
Security practitioners raise some pertinent questions with organizations that have been breached: If an attacker was able to scan your network thoroughly for six months, why was your system unable to detect them? Is your scanning ineffective? How good is your log management and analysis? How difficult is it to identify the hacker's IP address and diagnose the disaster?
The session discusses:
- Your preparedness to detect a breach;
- Where organizations are falling short on detecting early warning signals;
- Understanding your baseline traffic to determine abnormality;
- The right monitoring techniques.