0
Following
3
Follower
0
Boost

METRICS FOR THREAT INTELLIGENCE ROI

When planning for security resources, every business, either big or small, often struggle for security budget. We must accept the fact that the cybersecurity industry is overloaded but understaffed. Cyber threat analysts have to attend cascades of alerts because of the tools that cannot automate data collection by themselves. Hence, threat vectors have become confident, and persistent. The growth in cybersecurity jobs is outpacing the current workforce, and due to the widening gap, one person has to perform the job roles of many. Threat intelligence requires a process-oriented approach. The variations of risk tolerance and business processes differ use of threat intelligence. The challenge would be about the security team leveraging threat intelligence to increase ROI with the limited workforce. Steps involved in finding the ROI of threat intelligence – Develop key performance indicators (KPI) Every threat intelligence program requires KPI to measure its effectiveness. To make the KPI strategy successful, you should decide on the priority of threats, and evaluate providers for their valuable information that can be mapped to each quarter. The team’s mission should also be mapped to the KPIs so that the organization shall head-forward in a single direction. Evaluate and assess threat intelligence providers The process of threat intelligence cannot be planned and assessed with the approach of ‘one-size-fits-all.’ The different issues to be addressed are –

84% OF EMPLOYERS FIND CYBERSECURITY CERTIFICATIONS THAT ALIGN WITH MILITARY JOB ROLES AS THE GOLD STANDARD FOR HIRING

University of Phoenix and EC-Council release a joint survey that highlights the cyber certifications employers seek in new candidates A new survey from University of Phoenix and the International Council of E-Commerce Consultants (EC-Council) found that 59% of surveyed companies with 100 or more employees plan to staff information security professionals in 2020. However, candidates in the job market may not have the skills employers are seeking. According to the survey, 67% of IT executives at companies with at least 100 employees or more require industry certifications as a basic requirement for hiring considerations. The joint survey aimed to uncover IT employers’ perceptions during the hiring process. The findings highlighted the importance of cybersecurity degree programs paired with stackable credentials aligned to military job roles and occupations. Of the 256 IT employers who were polled, 86% said that industry certifications aligned to cyber-affiliated U.S. military job roles and occupations play an important role when hiring candidates. In fact, almost half (48%) agreed they are either very important or absolutely essential and 84% consider them to be the “gold standard” when hiring “Cyber threats are growing exponentially, and IT employers must ensure that the candidates they are hiring possess the proper education and skills to take on these threats,” said Stephanie Benoit-Kurtz, lead cybersecurity faculty at the University’s Las Vegas Campus. “Organizations often don’t have the time or funding to invest in developing employees, and these industry certifications often provide the minimum standards to prepare professionals to combat today’s cyber threats.” Highly regarded cybersecurity industry certifications with aligned job roles and outcomes may be easier to obtain than you think. The survey found that nearly all IT executives (91%) said that they would be likely to provide tuition assistance to an employee seeking to earn a degree that helps prepare for industry certification aligned to U.S. military job roles and occupations. “We tend to look at the bigger picture of career opportunities as a nation, when we should be focusing on what skills and credentials employers’ value most when considering a candidate,” said Wesley Alvarez, director of academics, EC-Council. “As much as they love to hack, it is paramount that graduating students who achieved these challenging credentials understand how to harness their skills in a professional environment.”

DIGITAL FORENSICS: KEY SKILLS OF A CERTIFIED INVESTIGATOR

The terms ‘forensics’, ‘digital forensics‘, ‘computer forensics‘, or ‘cyber forensics’ gives the impression of law enforcement. Whereas, in reality, digital forensics plays an important role in cybersecurity. Digital forensic is an independent team of cyber forensic is an expertise similar to other cybersecurity teams. Proficient standards to be a certified cyber forensic investigator Owing to a continuous demand for digital forensic training by the companies, appreciable number of certifications are available. Employers preferably look for certified forensic investigators having key-skills on digital forensic. The most common standards that a certified digital forensic investigator should have are as follows: “Practitioners require technical and professional training in digital forensics principles and processes.” – Jason Jordaan, principal forensic scientist at DFIRLABS, at the ITWeb Security Defeating anti-forensics techniques Computer forensic tools allow cyber forensic investigators to retrieve deleted files. On other hand, anti-forensic tools do the reverse. Anti-forensic tools and techniques work against cyber forensic tools. The anti-forensic tools alters, hides, or deletes the information. Anti-forensic tools also implicate users by introducing fake evidences, or by exploiting bugs in the tools, and more. A digital forensic investigator is the one who should have the knowledge and skill to identify and mitigate anti-forensic tools and techniques.