CIO OPINION
Typically, an IOC is something new or abnormal that is occurring. This is often a sign that your organisation has been compromised. An example of an IOC might be that some devices in the network are connecting to somewhere never witnessed before.
Or it might be an unusual rate of connection or an unusual amount of data being transferred to or from certain locations that are geo-based. Anytime you experience something you would not expect, proceed carefully and be suspicious.
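The indicators described above (a device connecting somewhere never witnessed before, or an unusual amount of data going to a geo-based location) can be checked against a baseline of past traffic. The following is an added example, not part of the original article; the record layout, device names, addresses, the "XX" country code and the three-sigma threshold are assumptions, and all flow records are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (device, destination, country, bytes_out).
# Addresses come from the reserved documentation ranges.
BASELINE = [
    ("laptop-01", "198.51.100.10", "ZA", 1200),
    ("laptop-01", "198.51.100.10", "ZA", 1500),
    ("laptop-01", "198.51.100.10", "ZA", 1100),
    ("server-02", "203.0.113.5", "KE", 40000),
    ("server-02", "203.0.113.5", "KE", 42000),
    ("server-02", "203.0.113.5", "KE", 39000),
]
TODAY = [
    ("laptop-01", "198.51.100.10", "ZA", 1300),   # matches the baseline
    ("laptop-01", "192.0.2.77", "ZA", 900),       # destination never seen before
    ("server-02", "203.0.113.5", "KE", 900000),   # far more data than usual
    ("server-02", "192.0.2.200", "XX", 500),      # new destination, new location
]

def find_iocs(baseline, current, sigma=3.0):
    """Return (kind, device, detail) tuples for traffic that breaks the baseline."""
    seen = defaultdict(set)     # device -> destinations it has contacted before
    volume = defaultdict(list)  # country -> history of bytes sent per connection
    for dev, dst, country, nbytes in baseline:
        seen[dev].add(dst)
        volume[country].append(nbytes)

    findings = []
    for dev, dst, country, nbytes in current:
        if dst not in seen[dev]:
            findings.append(("new_destination", dev, dst))
        history = volume.get(country)
        if not history:
            # No prior traffic to this location at all.
            findings.append(("new_country", dev, country))
        else:
            mu, sd = mean(history), pstdev(history)
            # Floor the deviation so a perfectly flat history does not flag noise.
            if nbytes > mu + sigma * max(sd, 1.0):
                findings.append(("volume_spike", dev, f"{country}:{nbytes}"))
    return findings

if __name__ == "__main__":
    for finding in find_iocs(BASELINE, TODAY):
        print(finding)
```

Each finding is a prompt for triage rather than proof of compromise: it marks the traffic that someone needs to look at.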
Are we ready?
Organisations need cybersecurity technology, but they also need to consider their readiness, which requires a strategy. Organisations can acquire pretty much any product or service that they want to protect against this or that particular threat, but the job does not stop there.
Each of these new tools will generate information logs and reports. When the tools generate data, a dedicated individual or group must be ready to process all the new information.
If your organisation is not processing this new security data, some intrusion that could have been prevented invariably happens. Often, the IT team discovers the initial attack occurred months before, despite all the relevant devices doing their job of generating data logs.
However, with no one analysing all the information, a preventable hack can easily occur. If your organisation wants to maintain its security posture, you must be able to do the triage.
Do we have a plan?
When the triage has pinpointed an attack, your organisation needs to have a plan in place. And that means, you have to proactively know what tools you have, who the players are, and who needs to be doing what. This is not the time to say, "Let's call a meeting and figure it out!"
Most hackers are using tools that are automated and execute at computer speed. If your organisation tries
www.intelligentcio.com INTELLIGENTCIO AFRICA 43