(1)Efficiency and the improvement of processes Flashcards
What do very well run cybersecurity teams do to increase efficiency and process improvement?
Strong cybersecurity teams use standardization and automation process to improve efficiencies, reduce mistakes, and create more valuable time for analysts to do more important work.
What is the importance of standardized processes?
Standardized processes provide consistency, saves time, and ensure that all teammates respond to repetitive tasks in the same manner.
Once a standardized process is in place, what is the next step in the growth of efficiency and process improvement?
The next step is to automated standardized processes to reduce or eliminate human involvement.
What type of platform provides opportunities for automation of processes?
Security Orchestration, Automation, and Response (SOAR) platforms give orgs the chance to automate security tasks that involve multiple systems.
What are the two main points of review to determine if automation is a good idea?
The two main points are:
-Is the process repeatable?
-Does it require human interaction?
How do Security Orchestration, Automation, and Response (SOAR) platforms assist with threat intelligence?
SOAR platforms help threat intelligence by allowing a team to bring information about threats (from multiple threat feeds) to help enhance data in regards to incidents in progress and help the team to react in a better, more comprehensive way.