12 InfoSec Resources You Might Have Missed in August
At Exabeam, part of our mission is to help keep security professionals educated and informed on threat detection and incident response (TDIR) topics. In August, we created several resources for you. In case you missed them, here are 12 of our most recent pieces geared toward helping you mature your SOC and enhance your security posture with XDR and next-gen SIEM. Whether you’re a CISO or a security practitioner, there is something on this list for you.
1. Gartner® Report: Market Guide for Insider Risk Management Solutions | Research Report
Gartner has created this Market Guide to help with understanding and implementing a comprehensive insider risk management program. This guide will discuss how the global transformation to a hybrid workforce (remote and on-site) has led to many management teams asking about how to ensure secure work practices and data protection, how system integration and organizational dependence on third parties have increased the need for insider risk monitoring, how the majority of insider risks are attributed to errors and carelessness, and a lack of focused education and awareness around insider risk.
2. Gartner® Report: Hype Cycle™ for Security Operations, 2022 | Research Report
“Security operations is not simply a department, team, or set of technologies. It is a group of well-executed processes performed by personnel aiming to ensure a high level of resiliency. Security operations personnel require modern security technologies to quickly detect and mitigate threats and reduce exposure. It is not easy to find the skill sets or know which solutions to implement first. Gartner Hype Cycle shows a graphical depiction of common patterns that arise in security operations with each new technology or innovation.”
3. The Missing Link teams with Exabeam to provide top-notch protection for their SOC, and their clients’ SOCs | Case Study
The Missing Link, a leading managed security service provider (MSSP), needed a security toolbox update to achieve faster, more consistent Threat Detection, Investigation and Response (TDIR) results for their clients in ASX Top 20, Healthcare, NFP, Global Retail, and FSI verticals. After a robust internal technology comparison engagement by Nick Forster, the company’s SOC Manager, The Missing Link selected Exabeam’s security solution platform for the job. Read the case study to learn how Exabeam generated fast, consistent, and customized solutions to the numerous challenges that Missing Link was facing.
In this episode of The New CISO, Steve is joined by Mike Woodson, Director of Information Security and Privacy at Sonesta International Hotel Corporation, to discuss the risks and rewards of being a CISO. First starting his career in law enforcement and cybercrime investigation, Mike now applies his police mindset to cybersecurity leadership. With his varied experiences in mind, he shares how his unique background makes him a well-equipped CISO. Listen to the episode to learn more about getting to the root of a threat, working with global agencies, and why CISOs should be compensated well for their high-risk responsibilities.
5. The New CISO Podcast Episode 73: “Leading with a Military Mindset: It’s We, Not Me” with Steve Magowan | Podcast
In this episode of The New CISO, Steve Magowan, Vice President of Cyber Security at BlackBerry discusses how military teachings apply to tech. First starting his career in the air force, Steve understands how the military mindset can make you an asset in the security field. Through evaluating the benefits of his experience, Steve shares what CISOs can learn from military professionals. Listen to the episode to learn more about the importance of understanding IoTs, the military work ethic, and how quality leadership stems from a lack of ego.
6. Keys to the Kingdom: Guidance for Effective Zero Trust Architecture | White Paper
Traditional security access controls have fallen short, and a newer method, Zero Trust Architecture (ZTA), seeks to lock down access by moving defenses away from a perimeter focus with “some” trusted access to an assumed-breach, “trust no one, verify everyone” mindset. This paper attempts to resolve the confusion surrounding ZTA and presents a strategy to fill in the gaps exploited by malicious insiders and credential-based attacks.
7. Supply Chain Breaches and other OT/IoT Scenarios | Webinar
Today, with international sourcing, the mixture of proprietary and open-source code, and enormous variability in vendor practices, perfectly securing the enterprise supply chain borders is virtually impossible. The list of supply chain attacks is long and infamous, and, of course, this applies to hardware as well — peripherals, networking equipment, and IoT devices. But in the end, the commonality to all IoT devices and supply chain attacks is the compromise of credentials and authentication, followed by abuses of network privileges in proliferation and spread. Watch the webinar to learn what steps CISOs and IT security teams can take to mitigate risk from supply chain attacks, how SIEM and XDR solutions can detect attacks that have slipped past your perimeter defenses, how third-party credentials are being used, and how user and entity behavior analytics (UEBA) can help detect unauthorized access.
As organizations move infrastructure into the cloud and adopt hybrid work models, the ability to secure employees through even a tightly-controlled corporate network becomes more challenging. Increasingly, workers depend on cloud-based applications and communicate across social media, personal email, and chat with clients outside of the purview of IT. As a result, insider threats are an increasing concern to security operations teams. Human behavior and psychology also play a significant role in defining an organization’s security posture. User behavior is always the weakest security link; seeing lateral movement and managing this vector is critical for any organization’s cybersecurity goals. Read the blog to hear about how Deloitte and Exabeam have teamed up to help organizations better manage insider threats and deliver improved resilience.
Security threats are constantly evolving, and compliance requirements are becoming increasingly complex. Organizations must create a comprehensive information security policy to cover both challenges. An information security policy makes it possible to coordinate and enforce a security program and communicate security measures to third parties and external auditors. Read the blog to understand the 12 elements of an information security policy.
10. Cyberseer Discovers Exposed Corporate Credentials by Integrating Digital Shadows Intelligence into Exabeam Managed Service Offering | Blog
Compromised credentials have become an ever-increasing threat over the past few years. Once a credential is exposed, malicious actors will rush to use it to try and compromise an account. As organizations also move to modern authentication mechanisms like SAML (where one credential provides access to multiple systems in an organization) a compromised credential becomes a very lucrative approach for hackers to gain a foothold in an environment — so much so that dark web subscriptions exist solely to broker exposed credential information to malicious actors and crime organizations. Read the blog to learn how Cyberseer solves compromised credentials with Exabeam.
The migration of point of sale (POS) management systems to the cloud has expanded the threat landscape and provided cybercriminals with a very popular vector for exploitation. It is a well-known fact that retailers are holding vast databases of Personally Identifiable Information (PII) and credit card data, which allows opportunists, and especially threat groups, to take advantage of the many possible areas of vulnerability — from system intrusion and social engineering to the “dishonorable mention” of denial of service attacks. These risks also include the human element; a high employee turnaround is also common due to temporary or seasonal contracts, as is the daily engagement with third-party distributors and vendors. These, in effect, give rise to insider threats due to incongruent or inconsistent security practices. Read the blog to learn about how cybercriminals find a way in and how to think like a cybercriminal by understanding the anatomy of an attack.
12. The CISO’s Response Plan After a Breach | Blog
There’s no escaping the fact that post-breach leadership is a part of every security team member’s job. Spearheading post-breach action and recovery is the ultimate test of a security leader’s skills, confidence, and mettle. But it is also an opportunity for you and your organization to collaborate and shine in the face of adversity. This blog post discusses highlights from our recent webinar, The CISO’s Response Plan After a Breach, where Exabeam Head of Security Strategy, EMEA, Sam Humphries, and Exabeam Chief Security Strategist, Steve Moore, help you navigate the waters of post-breach response for when the inevitable occurs — whether you’ve lived through the experience of a previous breach, or are patiently waiting your turn.
Learn more about The CISO’s Response Plan After a Breach
For more insights, watch our on-demand webinar, The CISO’s Response Plan After a Breach.
During this session, Steve and Sam discuss:
- Planning and playing well with others
- SITREPs – what, when, and who needs to know
- When to communicate with and without emotion
- Consistency when communicating (internal and external)
- Containment and remediation — one big event or a journey?
- How to foster a culture of learning, not blame
- Dealing with the aftermath of audits and future scrutiny