Today's security challenges do not stop at your door. If you want to be protected against malicious actions, you have no option but to invest in security.
Of course, security comes in many forms, from virus protection and anti-malware to firewalls and intrusion detection ... and all these systems provide security data.
In order to monitor and control your security, you will need a Security Infrastructure Event Management system, tailored to your needs.
Good protection does not consist of building a fortress where no one can enter or exit. Good protection means giving access, in practice, to those who need it while protecting everyone in your company against malicious interventions.
In practice, you will need to define the perimeter you want to protect and control. Always start with the most important assets that you have.
It is easy to say, "We will implement security using an active SIEM solution." However, you will first need to know what you want to protect in your environment.
A good starting point would be to use MITRE ATT&CK®.
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.