Business

Safe Soaring: McAfee Advances Customer Success with Integrated Analytics, Ecosystems, and Experiences at MPOWER

Security embodies the analogy of fixing a plane in flight. Every company has some variety of security people, process, and technology in place already. So, like a plane in flight, your security infrastructure needs an operational model that can be updated, adapted, repaired, or serviced while it is actively at work protecting your business infrastructure. …

Optimize Operations

Time to Close vs. Root Cause – Are we measuring the wrong thing (again)?

“Human beings adjust behavior based on the metrics they’re held against. Anything you measure will impel a person to optimize his score on that metric. What you measure is what you’ll get. Period.” – Dan Ariely, Duke University behavioral economist in Harvard Business Review

When the Verizon Data Breach Investigation Report started reporting “time to” metrics …

Business

OpenDXL.com goes live! Join the movement.

Please help us celebrate the birth of the newest dedicated open source project site: OpenDXL.com. As the focal point for the OpenDXL community, it provides a forum for developers and enterprises to exchange ideas, get help and contribute suggestions, share and research integrations, and find training and other resources. When you want to imagine, discover, …

Business

New Report Quantifies Time’s Impact on Costs of Data Breaches and Disruption Attacks

New analysis from the Aberdeen Group, based on data provided by Verizon, provides fresh evidence quantifying the cost of time in two different incident types: data compromises and sustained disruption in service availability. These findings underscore the urgency for cybersecurity practitioners to minimize detection and containment time. According to the McAfee-commissioned report by Aberdeen, …

Optimize Operations

What WannaCry Means for the SOC

In addition to the endpoint and network operational efforts for WannaCry, this outbreak presents great learning and response opportunities for analysts in the security operations center (SOC). Understanding and automating these best practices will set you up to handle evolving WannaCry activities, as well as the next fast-moving attack. Responding to an attack like WannaCry, …

Optimize Operations

Security Automation is Here — The Time is Now: 60% of respondents think manual processes are holding back security effectiveness

There was a time when automation was a dirty word in security. Now, it is a necessity. A new Enterprise Strategy Group (ESG) survey, sponsored by McAfee and other technology vendors, shows that 3 out of 5 organizations see manual processes as holding them back from better organizational effectiveness when it comes to security analytics …

Optimize Operations

Please Vote: Fourth Annual SANS IR Survey Wants You!

Share your perspective and help benchmark the industry. [And SANS will enter you to win a $400 Amazon gift card!] This is the 4th year that McAfee has co-sponsored the SANS Incident Response survey. We would appreciate your help capturing this year’s insights by completing this survey: https://www.surveymonkey.com/r/2017SANSIRSurvey Past survey findings have helped us understand …

Optimize Operations

Eating an Elephant: How the ESM 10 UX Team Reenergized SecOps (Part 1)

The first of a two-part series. For some reason, elephants figure frequently in our conversations – “seeing different parts of the elephant,” “memory like an elephant,” and now, “eating an elephant.” This phrase, definitely meant as an analogy, expresses the lengthy, enormous, and daunting task that our development team faced in reimagining the user experience …

Business

Surviving the Deluge: Lifecycle Support for the SOC

For the last month, my corner of Northern California has endured record-breaking inundation from the skies, leading to mud slides, downed power lines, road closures, and, in my case at least, propane and power outages. It’s been hard to stay productive, stretching the resources of laptops, UPSes, mobile phones, wood piles, flashlights, candles, and great …

Business

New OpenDXL Clients released! Integrations Improve Endpoint Detection and Response, Intelligence Sharing, and Action Across Applications

Finding new ways to extract more value from security operations is a hot priority for most CISOs and security architects as they progress toward the goal of a proactive and optimized security operation. But according to our research, 26% of security operations centers (SOCs) still operate in reactive mode, with ad hoc approaches to security …

Business, Español

The Brilliant Meets the Sustainable: OpenDXL as an Orchestration Platform

Every now and then I get into a debate about what constitutes a platform. To me, it means connecting functions and data as easily and directly as possible, balancing speed, simplicity, and security. While it is nice to present this as an architecture, with open interfaces, modern software development is more complex. Programmable interfaces, …

Business

Paranoia, OpenDXL, and the Second Economy

You are not paranoid. They are out to get you. McAfee research showed that more than half (56%) of 2015 investigations resulted from a targeted activity by criminals, insiders, or nation states. This dominance increases the urgency to change our approach to security operations practices. The new book, The Second Economy, by McAfee CTO Steve …

Business

Measuring the ROI of Better Threat Defense: A Healthcare Study

In the absence of hard figures, improved threat detection can be difficult to sell to executive management, especially when competing with mandated projects and buzzword-rich initiatives. We’ve created a program that helps CISOs influence and drive urgency through quantifiable business outcomes that speak to organizational goals. Here’s an example of how this worked for a …

Business

The Zen of Security Operations

At some level, every company needs to identify and remediate attacks that get through preventative controls, identify and remediate risky internal events, and support and remediate compliance audits. That’s what you do today. You likely do some of these things better than others. Our goal is to help CISOs and SecOps optimize operations to consolidate …

Business

You’ve Been Hacked. Now What?

Picture this: you’re having a good day, just minding your own business, then all of a sudden the alarm bells start ringing and you realize that cybercriminals have infiltrated your network. You just lost the cybersecurity game (and you hate that). So what do you do now? How do you fight back? First, you have …

Business

Rules vs. behavioral heuristics vs. data mining vs. machine learning. Actually, you want it all.

Are you wandering a maze of analytics bingo? That’s understandable. Here’s a short history of the evolution of analytics, explaining why we keep inventing new forms, and including examples based on McAfee technologies. Most security policy has historically been binary and rules-based, requiring a specific condition: firewall rules (yes/no), port rules. These rules help …

Business

Stop Reacting, Start Preventing

A good chef will constantly update their menu to keep up with what food trends customers might be craving. By doing so, the chef is able to prevent customers from abandoning the restaurant, rather than reacting when it might be too late, and dishes are outdated or unpopular. The same practice should be applied to …

Dynamic Endpoint, Optimize Operations

Progress Report: Critical Security Controls Adoption

Today the SANS Institute released its survey on adoption of the Top 20 Critical Security Controls (CSCs) for Effective Cyber Defense. It’s a worthwhile read for CISOs and security analysts charged with overseeing security and risk management. The survey documents adoption highlights and hurdles, primarily experienced by financial services and government organizations. Three sets of findings …