Is threat hunting the next step for modern SOCs?
This article is part of the Information Security issue of May 2017, Vol. 19, No. 4
Edgy, creative and confident. These are the qualities of a good threat hunter, Deneen DeFiore, CISO of GE Aviation, has found as she develops the aircraft supplier's threat hunting program in Evendale, Ohio. "We're looking for someone who has the confidence to take a risk and prove out their hypothesis about a threat."

GE Aviation started its threat hunting program informally four years ago, around the time of the now-infamous Target breach. Five to seven threat hunters now work full time at GE Aviation, and most of the major business units at General Electric have about the same number of threat hunters working to actively identify threats and automate searches.

Just what is a threat hunter? They are people who search for the traces attackers leave behind in an IT environment, usually before any alerts of their activities are generated by security devices. The best threat hunters use threat intelligence, custom tools or threat hunting products -- Endgame, Infocyte, Sqrrl Data -- to identify threats and then automate searches ...
Features in this issue
- Challenging role of CISO presents many opportunities for change
  With some reports showing incredibly short tenures, new CISOs barely have time to make their mark. The salaries are good; the opportunities for the right skills, unlimited.
- Polycom CISO focused on ISO 27001 certification, data privacy
  Tasked with security and compliance, Lucia Milica Turpin watches over internal systems and remote communications customers entrust to the video conferencing company.
Columns in this issue
- CISO job requires proven track record in business and security
  In the security field, certifications and degrees are never a substitute for on-the-job experience. For women in security, the challenges may be even greater.
- Q&A: GDPR compliance with Microsoft CPO Brendon Lynch
  Failure to achieve compliance with the EU's General Data Protection Regulation in the next 12 months can trigger fines of up to 4% of a company's gross annual revenue.