ReliaQuest’s annual customer conference, EXPONENT, has concluded! We conducted over 30 sessions during this two-day event. Below, we’ve provided a recap of the key themes and top takeaways.
Decentralized Cybersecurity Is Here to Stay
Organizations today are faced with an unrelenting pace of technological change. From mergers and acquisitions to supply-chain shifts and pandemic-induced changes in the workplace, it is safe to say that decentralized cybersecurity is here to stay. Shift your focus from solving the data problem, to analyzing information and finding the threats. Start thinking differently – push your vendors and technology partners to enable a decentralized process in your environment. It will allow your organization to operate with greater flexibility, faster innovation, and quicker response.
Relationships Are Essential
We often get caught up in the technology – the bits and the bytes, the cool and flashy user interfaces. It’s easy to be distracted by bright and shiny objects. But in the end, as many leaders have shared, relationships are key. As we always say, security is a team sport. Make sure that you are enabling the business by creating a solid connection between the security team and other departments. Both internally at your organization and with external vendors like ReliaQuest, strong, integrated teams are paramount to success.
Discover What’s New in GreyMatter
In the last six months, a multitude of features and capabilities have been added to the GreyMatter platform. We highly encourage you to dive into the platform to realize even more value. Specific items to take note of:
- Model Index and Verify are now integrated into the platform, to better measure the evolution and consistency of your security program’s visibility.
- Reference lists track critical assets and show up in enriched alerts and incidents.
- The more techs you integrate, the better the investigations and automations will be. The power of GreyMatter will only grow with the number of techs integrated.
Embrace Automation to Maximize Value
The reason automation is vital is rather simple – automating mundane tasks enables your workforce to focus on responsibilities that deliver more value to the business. Reducing time to resolution allows quicker engagement and helps analysts decide where they need to go and where they need to hunt. Automation is not removing analyst engagement – it’s there to allow a more in-depth, thorough process.
Track Metrics That Impact the Business
While many are committed to developing a stronger risk-based security posture, communicating risk easily and accurately is notoriously difficult. Ensure that your organization is tracking metrics like visibility, team performance, and the MITRE ATT&CK map to better align security initiatives, track progress over time, and make improvements.
Visibility Across the Cloud
Enterprise data in the cloud is multiplying by leaps and bounds. It’s hard enough to keep track of on-premises data along with associated threats and attempted breaches. Make sure you can see what you need to protect by obtaining greater visibility into cloud resources. Ideally, this cloud visibility spans not just cloud platforms, but also security information and event management (SIEM) systems, endpoint detection and response systems, and more.
Go Beyond Tabletops
Conducting a tabletop is a great way to facilitate effective communication between security teams and others in an organization. Involving business units like Legal, HR, and Finance in this exercise not only invokes a feeling of inclusion, but also allows multiple teams to understand each other’s perspectives, ultimately boosting an organization’s resilience. Taking it a step further will advance your security posture even more – go beyond the tabletop to test the technical defensive capabilities and ensure the controls you rely on work.