Our bespoke Detection Maturity Assessment makes sure they’re up to the job!
Cyber resilience is paramount to survive in today’s data-driven economy, and various recent regulatory developments, such as the EU’s General Data Protection Regulation (GDPR), the network and information systems (NIS) Directive, or, for banks, Threat Intelligence-based Ethical Red Teaming (TIBER), among others continue to raise the bar.
But growing IT complexity and shorter time-to-market requirements make it more and more difficult to get security right. Security incidents, data breaches and even brief service outages are quickly picked up by (social) media and may lead to a loss of trust, and consequently reputational and financial damage.
Most companies have already invested in strengthening their preventive, monitoring and detection capabilities. But how can you be sure that your investments are paying off? While penetration tests can provide a view on how strong your preventive capabilities are, they only deliver a limited view on detection and monitoring capabilities, if any at all.
It’s actually very difficult to assess these capabilities, and solely measuring their outcome can be misleading. How can you be sure you’re safe if you didn’t detect anything? If you did detect an incident, are you sure it’s not a decoy and that you have not missed a more important, stealthier event? Are you confident that your third-party provider detects all events that really matter to you?
Have you ever thought about testing the strength of your detection capabilities? According to the latest M-Trends report1 (FireEye), it takes about 101 days to detect a breach. In other words, it’s crucial to get a view on the design and effectiveness of your monitoring and detection capabilities. To do that, you could, for example, rely on your internal audit to review your monitoring infrastructure and processes.
You could even ask that they assess whether staff are appropriately skilled. However, as real detection requires having the right monitoring tools, the right processes and the right people it’s very difficult for this to be effectively measured with an audit.
That’s why we’ve developed our Detection Maturity Assessment (DMA), a process capable of measuring the design and effectiveness of your monitoring and detection capabilities, and identifying weak spots in terms of tooling, processes and people.
A DMA comprises two steps (see below) and is complementary to your current security activities.It can be applied to all your publicly available applications, web services, endpoints, systems and/or people.
The first step can be executed in a standalone mode to help you identify and address key attention points. Once your design is considered adequate, we can go on to assess the technical side of your detection capabilities.
With our DMA, you’ll have comprehensive insight into the maturity of both the design and effectiveness of your detection and monitoring capabilities.