By Sandra Wheatley, Sr. Vice President, Marketing, Threat Intelligence and Influencer Communications, Fortinet
Executive Perspectives
Perhaps the most resource-intensive task required of security teams is the correlation and analysis of the massive volumes of data being produced by security devices and network sensors. This challenge is probably most apparent in the fact that network breaches often remain undetected for months, allowing cybercriminals to plant time-bombs, establish elaborate botnets, and slowly exfiltrate millions of records containing customer information and intellectual property. This challenge is compounded with the growing skills shortage the cybersecurity industry is facing globally, further adding to organizations’ risks. In fact, a recent Fortinet survey found that 73% of organizations had at least one intrusion or breach over the past year that can be partially attributed to a gap in cybersecurity skills.
There are steps organizations can take to close the cyber skills gap. The first is to ensure that security tools don’t operate in isolation. If a security tool or sensor detects an anomalous behavior, it needs to be able to share that with other tools so that data can be correlated and compared against other data, as well as be cross-referenced against external threat intelligence feeds. This process is accelerated and suspicious activity can be detected faster when these tools are, by design, tightly integrated together.
