
Using Microsoft MCAS Effectively
How to Investigate Cloud Incidents in Microsoft MCAS
Microsoft Cloud App Security (MCAS) is a Cloud Access Security Broker (CASB) service that manages security activity in the cloud. When security analysts see cybersecurity alerts from MCAS, it can often be confusing to investigate these alerts because of the user interface (UI) design. Instead of seeing traditional […]

Are You Challenged with the Microsoft Sentinel Investigation Graph?
Use a focused methodology to avoid getting lost.
Microsoft Sentinel’s investigation graph uses nodes to represent security data, and those nodes can be expanded to view all the related entities. If a security analyst expands the investigation graph information just once for each node, the investigation graph looks like the example image below. Therein lies […]

Accelerating Zero Trust Security (ZTS) – Part 2
How to prioritize your zero trust security (ZTS) initiatives
In part 1 of this blog post on zero trust security (ZTS), we discussed the trends that are accelerating digitization and why CIO/CISOs need to adapt their cybersecurity posture as a result. We’d submit to you that Zero Trust Security is arguably the most important development […]

Accelerating Zero Trust Security – Part 1
How to prioritize your zero trust security initiatives
We’re seeing major technological shifts such as work-from-home, automation, robotics, IoT, etc. accelerate due to the recent health and ensuing economic disruptions. The reality is that digitization was already facilitating these trends, and now CIO/CISOs must take the helm in enabling their organizations to make the transition toward […]

Is threat hunting a waste of time?
It can be unless you incorporate these strategies
Many organizations are adopting regular cybersecurity threat hunting exercises as part of routine SOC operations. However, odds are that your threat hunting exercises aren’t very productive. The main reasons most threat hunting exercises are ineffectual range from the complexity of the threat landscape to lack of analytical/statistical […]

Is zero trust security an approach, architecture or new tech?
Yes—and how to unravel it for your organization
Lately, the topic of zero trust security (ZTS) is one that we at CyberMSI have been discussing quite a bit with CIO/CISOs. In case you’re not familiar with ZTS, you can reference how the industry—and Microsoft in particular—defines ZTS here. Like so many of the other major shifts […]

Are you primed for success?
Why teaming successfully with your cybersecurity services provider is critical
Henry Ford famously said, “Coming together is a beginning. Keeping together is progress. Working together is success.” This couldn’t be truer when it comes to your cybersecurity services provider. Easier said than done, though, considering that collaboration can be very challenging even between teams within […]

Is your team burning out?
Why incident management may be the problem
If you’re reading this blog, odds are high that you don’t have to be convinced of the need to reduce the burnout resulting from working on a cybersecurity incident response (IR) team for even a short time. The only question is what to do about it. I’m going […]

Is your provider protecting you?
Why your cybersecurity services provider must do this
Most managed detection and response (MDR) or managed security providers (MSP) claim to perform “response” services when a cybersecurity incident is identified. Their response typically comprises providing remediation steps or guidance that you as the customer will need to perform. That’s a problem. Not performing response activities […]