It doesn’t have to be.

            First, we need to think more proactively – reacting to incident alerts and then scrambling to identify the
            best response leaves adversaries with an advantage. But proactive security certainly has its challenges;
            trying to spot looming threats has been dismissed as too difficult and expensive.

            Frankly, wading through millions of data points is not a human-scale problem. Without tools to effectively
            process,  analyze,  and  prioritize  data,  these internal  clues  often  remain  undetected,  or  are discovered
            forensically, long after attacks have occurred.


            Today’s security challenges are less about detection than they are about connecting the dots. With the
            growing number of tools, there is lots of overlap, and adding new tools has diminishing returns. Ultimately,
            we need better ways to integrate, connect,  and orchestrate  action across the security tools we already
            have.

            St. Margaret’s serves as a stark reminder of the worst-case scenario for a small healthcare organization.
            Without  enough  resources  to  invest  in  robust  security,  updated  systems,  and  without  having  a  clear
            recovery plan, these important local providers can be put out of business, leaving their communities with
            limited – if any – healthcare services.

            This is an industry-wide problem, yet we expect our under-resourced teams to defend themselves against
            perpetual threats. Visibility is critical to detection. Automation is critical to scale. Intelligence and alerting
            are  critical  in  order  to  take  action.  But  we  can’t  rely  solely  on  independent  tools.  We  must  invest  in
            pragmatic systems that can integrate, share, and contextualize quickly, reliably, and with confidence, and
            make these capabilities available as managed services for smaller organizations.





            About the Author

            Emily L. Phelps has written about and worked in the cybersecurity space for nearly
            a  decade.  Throughout  her  career,  she  has  helped  translate  complex  technical
            material  into  digestible  insights  for  business  leaders,  and  she  has  supported
            cybersecurity initiatives and solutions in order to assist practitioners in their day-to-
            day  work.  Emily  is  a fierce  advocate  for  pragmatic  cybersecurity  programs  that
            enable organizations to operate, uninterrupted, by cyber threats.

            Emily  can  be  reached  on  Twitter  at  @CywareCo  and  at  the  Cyware  website:
            https://cyware.com/















            Cyber Defense eMagazine – August 2023 Edition                                                                                                                                                                                                               57
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.