Does the term "novel attack" resonate with security teams? or does "unknown attack" resonate better? What would you consider novel/unknown attacks? Does your current threat detection solution detect novel/unknown attacks?

Security & GRC Data Protection & Encryption

4.2k views1 Upvote3 Comments

Sort by:

Director of Information Security in Services (non-Government)a year ago

Novel attack resonates more. These attacks may include multiple stages and exploit vulnerabilities to perform an EDR bypass, C2, or ransomware.

CISO in Softwarea year ago

I always think of 0-day vulns and associated attacks as novel.

CISO (CISO) in Healthcare and Biotecha year ago

Novel attack certainly resonates more. Unknown attacks are only unknown until forensics figure it out. A robust incident detection and response system (SIEM, UEBA, XDR) should be able to detect unusual activity and let your SOC investigate. them.

Content you might like

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results

What are your organization’s drivers for implementing RegTech?

Support future growth36%

Automate manual processes59%

Demonstrate compliance49%

Reduce risk exposure43%

Improve customer experience16%

Reduce costs13%

View Results

I’m looking for a “Ransom Consideration Matrix” to use as a supplement to a ransomware response decision tree. Ideally, it would include factors such as: Reputation Impact Scope of Attack Disruption to Operations Threat Intel / APT Reliability Condition of Backups Long-Term Sustainability of BCP Does anyone have any examples of a graphical decision tree or matrix that incorporates some of these types of elements? This is to include in a playbook.

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Do you have any tips to boost the SOC/security operations team’s visibility into IAM? Have you managed to effectively close that gap at your organization?

Does the term "novel attack" resonate with security teams? or does "unknown attack" resonate better? What would you consider novel/unknown attacks? Does your current threat detection solution detect novel/unknown attacks?

Sort by:

Content you might like

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

What are your organization’s drivers for implementing RegTech?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Do you have any tips to boost the SOC/security operations team’s visibility into IAM? Have you managed to effectively close that gap at your organization?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go