An ever-changing threat landscape has highlighted the importance for organizations to be Situation Aware when evaluating their risk exposure to existing and emerging threats.
From a cyber-security perspective, Situation Awareness fundamentally rests on three pillars:
- Understanding of the environment: for example, internal networks, their perimeters and interconnections, network infrastructure, on-premise and cloud hosting, servers, clients and also all of the centralized services that may be consumed (e.g. AD, DNS, DHCP, NTP, AV etc…)
- Understanding of potential vulnerabilities: for example, legacy operating systems, unpatched industrial control systems, external connectivity, insecure communication protocols etc.
- Threat Intelligence: including knowledge of both internal and external threats in order to model, predict and react to cyber threats.
In this presentation, attendees will learn about such combination of environment and threat intel, and how this ultimately helps organizations to predict and respond to potential problems that may occur under different threat scenarios. Chris Sandford will elaborate on building this overarching capability into risk management, which yields preventative decisions and actions to be taken in order to secure operations.