The first step for any security professional joining an organization as its new data protection leader is to assess the business’s risk tolerance. The lower the organization’s risk tolerance is, the more they should be baking anticipation into their overall cybersecurity strategy.
This means security functions must be agile, and to reach the level of agility needed to be successful, security teams must be adaptive. Businesses that have a very low-risk tolerance tend to take an adaptive approach to security, which involves continuous threat detection and response activities such as security orchestration and threat hunting.
Security organizations that embrace adaptive security are both agile when it comes to the threat landscape, but also continue to evolve proactively through the threat research and intelligence sharing it consumes, says Kory Daniels, global managing partner, iSecOps, at Trustwave.
“When you consider digital transformation, the business is evolving and moving to new IT and operational technology models that are putting stresses on security operations,” Daniels says. “[At that point] if an adaptive threat detection response program has not been operationalized, they’ll catch themselves ill-prepared.”
In the full video interview below, Daniels explains what taking an adaptive approach to security means and offers the steps security leaders should take to point the security organization in the direction of becoming an agile and proactive function.
To learn more about how Trustwave can help you take an adaptive approach to cybersecurity, or provide you with the same expertise and benefits of having one, read more about our offerings here.
Marcos Colón is the content marketing manager at Trustwave and a former IT security reporter and editor.