Transforming security decision making

Transforming security decision making

data driven cyber security decisions have many benefits

Data-driven risk assessment that is based on detailed cyber threat data will enable better security decisions.

Security decisions can be hard to take. Sometimes there is only scant information about possible threats. At other times the “firehose” effect can confuse decision makers and hide damaging incidents in a welter of insignificant events.

A new service from Verizon currently in development at promises to add a powerful tool to the security professional’s armoury.

A combination of cyber security data and insight

The Verizon Risk Report combines three sources of cyber security data:

Together these create an automated and very comprehensive security risk scoring framework that identifies cyber security weaknesses and associated risks on a daily basis.

Alex Schlager, executive director, security services, for global products and solutions at Verizon describes the benefit of this new service as follows: “Security strategies have historically been focused on static defenses. But in today’s fast-evolving security landscape, to be truly effective they need to be dynamic, proactive and adaptable.”

Schlager stresses that businesses can no longer wait for cyber-threats to occur. Nor can they rely on historical security strategies based on yesterday’s threat landscape.  They need to make data-driven security decisions based on today’s threats in order to address today’s gaps in their security posture

Three different cyber threat views

The Verizon tool helps businesses evaluate their current risk profile and calculate the probability of a future breach. In addition, users are given an assessment of potential preventative measures.

Interestingly, the tool comes with three different risk “views”:

  • An ‘outside-in view’ that provides external assessments that includes an analysis of deep web and dark web information
  • An ‘inside-out view’ that adds an analysis of the organisation’s in-house systems to deliver an internal risk profile specific to the organisation’s individual industry
  • A ‘culture and process view’ that adds a human assessment of the organisation’s security policies, processes, culture and behavior, a security “lens” that is frequently ignored

This newly launched tool, combining as it does human analysis, a consideration of organisational culture, and data from a variety of different sources including the dark web is very likely to be a significant asset in the constant and ever more difficult battle against cyber criminals.


Photo credit: Copyright HAKINMHAN under licence from iStockPhoto.com

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]