A very large percentage of security breaches are caused by human error. HUMANS are the weakest security link in today’s technology infrastructure. That said (and perhaps ironically), best security practices require continual human examination and intervention, even with the proliferation of new security devices and software that claim to replace the need for human action via automation.
Businesses are simply not going to automate and orchestrate their way out of the security challenges that we face today.
New security devices and software belch vast amounts of data containing the single information nuggets that hold the clues to a security event. These “clues” often go unnoticed amidst the noise of the massive data flow, and companies lack the staff to continually investigate the large number of events these systems deem as actionable.
This is where my company comes in. Pinnacle’s approach to security management leverages processes and tools to the fullest but, at the end of the day, it is a human being with a deep interest in our mutual success that makes the difference. Our mission is to reduce the noise, inspect the right data and provide our customers with actionable security events.
As an example, for one of our smaller Managed SOC clients, we ingested 1.6 billion security events last month from their tools. Per our custom rules, our platform created 31 actionable incidents. Each of those 31 incidents was reviewed and triaged by a SOC Analyst. We are looking for the needle in the haystack—the needle that could cause a puncture.
In this case only one incident, of the 1.6B, was escalated for response and remediation.
The inspection of actionable events is done by our people, interacting with your people, who collectively bring timely visibility to the security events that impact your organization.
All of the tools that you have purchased will be defeated until there is a time when AI can understand the mistakes a human can make. Until then, it will take humans to find and mitigate today’s security threats.
For a demo and overview of our human approach to security incident management, please contact me.