CISO Executive Network Roundtable: Threat Prevention, Detection & Incident Response

Robinson Bradshaw hosted the February breakfast roundtable for the CISO Executive Network Charlotte group. The meeting's theme was "Threat Prevention, Detection & Incident Response." Robinson Bradshaw attorney Allen O'Rourke provided a brief cybersecurity and privacy legal update.

The speed, complexity, and volume of attacks has outpaced our ability to defend our assets effectively. Incorporating near-real-time threat data into our security operations should be improving our ability to more quickly detect and respond to threats. Automated orchestration of responses also promises to relieve some of the issues we have with limited resources. Additionally, we've seen a shift away from traditional Managed Security Service Providers (MSSPs) to Managed Detection and Response (MDR) services.

Areas of exploration included:

• The value of incorporating threat intelligence into your security operations
• Using risk modeling to define risk profiles for systems, data and applications
• Where threat detection is best implemented – endpoint, IoT devices, network perimeter, server, application, third parties, etc.
• Practicality of Security Orchestration, Automation and Incident Response (SOAR) solutions
• The trend toward MDR and away from traditional MSSPs
• State of tools rationalization in this space
• Which metrics tell us we are improving in this area
• Current state of member success in finding and retaining SecOps resources
• Deception and honeypot solutions
• Digital risk protection and new threat intelligence sources
• Security operations as a service (where is the industry heading? – hybrid MDR and internal SOC)