The long-acknowledged core problem with threat intelligence today is the software equivalent of a Yin and Yang situation. The algorithms are smart enough to catch a massive number of log anomalies, detecting any pattern deviation that might indicate an attack attempt. That said, they are not yet smart enough to accurately distinguish real threats from innocuous activity. The challenge lies, in part, in the gap between the CISO's expectations and definitions and the realities of how attackers exploit corporate network vulnerabilities.
Most experts say that the viable answer is not to wait for the software to get better, since the bad guys' software is not only getting better too, but getting better faster. So the real answer is to obtain more meaningful data for the algorithms on hand.