
Advanced machine learning models within an XDR framework could uncover what actually causes breaches, but first, we need better data transparency.
Company leaders worldwide are making huge investments to improve security, but they’re still awaiting a big return. According to Gartner, global spending on information security and risk management is expected to top $150 billion this year. One survey found its respondents spend an average of $2.7 million per year on security engineering, but only 51% found their engineering efforts to be effective or very effective.
One of the reasons is that we’re still looking at vulnerabilities we missed instead of taking a more proactive approach. Our best methodology today is to cast very wide nets that aim to find technical anomalies or breaks in patterns. There’s no feedback loop to make sure that the alerts the security operations center (SOC) receives will actually stop resources from becoming compromised.
To get there, we need to understand what causes a breach. We already do this for vulnerabilities, which are direct causes of exploits, but that parallel doesn’t exist for users or networks. Verizon’s “Data Breach Investigations Report” (DBIR) is the only model that takes a stab at what causes breaches, and it’s still a statistical guess.

Read more: https://bit.ly/3BcmXY9