Their conversation covers the benefits of cyber risk analytics for enterprises, including an oft-forgotten perk of cybersecurity in general: allowing for greater prioritization in your security planning.
As Jerry Skurla puts it, most companies have too much new data and new access points in their IT environment for their cybersecurity teams to keep up. If your IT security team becomes overwhelmed by manually analyzing each and every security alert, the number of unanalyzed alerts and thus legitimate threats on your network compound.
Moreover, Jerry estimates that approximately 80% of security alerts are false positives—normal events that only appear suspicious—and are thus time sinks. There is literally no time to prioritize any other vital security protocol since all of that time is consumed by going through these alerts. The stress in such conditions can’t be overstated: your IT security staff can easily burn out in such conditions, leaving your remaining staff in the literal lurch and forcing you to scramble to make up for the lost talent.
Jerry states that cyber risk analytics and user and entity behavior analytics (UEBA) can help enterprises deal with their prioritization issues by serving as a “brilliant apprentice” to your team. While it enters into your IT environment knowing nothing, it can quickly learn what is normal and abnormal behavior and can handle the vast majority of false positives. This reduces the number of false positives IT security teams need to investigate—giving them more time for, as Jerry puts that, proactive cybersecurity planning.
In Doug and Jerry’s conversation, they also answer some critical questions in cyber risk analytics, including:
- Who drives the implementation of cyber risk analytics?
- How do you make your threat hunting fun?
- What concerns can hold up cyber risk analytics deployment?
- How do you get the most value out of your solution and use-case?
To learn more, check out the video conversation between Doug Atkinson and Jerry Skurla on cyber risk analytics here:
Latest posts by Ben Canner (see all)
- Revisiting Whether SOAR Will Replace SIEM in Business Cybersecurity - May 29, 2020
- Changing SIEM From Reactive to Proactive with Threat Hunting - May 27, 2020
- Top-Down SIEM: An Interview with Avi Chesla of Empow - May 21, 2020