Breach, Cloud Security, Data Security, Network Security

‘Know thyself:’ To combat external ATP threats, first look inward

To most effectively combat sophisticated and stealthy cyberattacks by advanced nation-state actors, today's modern-day security operations center must first truly understand their own businesses, according to Monzy Merza, vice president of security research at Splunk.

"They have to understand where the risks are, where the threats are based on the environment that they're living. So know thyself first," asserted Merza in an interview with SC Media at Black Hat 2019 in Las Vegas. "And once you understand that, then you can work your way backwards to [determine] what kind threats will you face, what vulnerabilities do you have... within your system, and what sorts of adversaries are the ones that are known to exploit those kinds of vulnerabilities." And from there, the SOC team can fortify their operations accordingly.

In light of the Capital One data breach that was disclosed last month, Merza also offered his take on how organizations can respond better to cyberattacks on cloud-based assets.

"It still boils down to the basics in many ways. It's how well are organizations doing their vulnerability management, how well are they doing configuration management," said Merza.

Merza also said that as companies increasingly migrate systems, services and data to the cloud, security operations are "going to get pressured a little -- and are already getting pressured -- to learn more about how applications and services and technologies work, and I also think it's a very good opportunity for security teams to start to become part of the business rather than sitting outside and looking inward.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.