Why a Security Maturity Model Can Transform How You Use Analytics



With cyberattacks and breaches on the rise, security should be a major concern for all companies. In particular, enabling the development of an analytics maturity model is a useful addition to your traditional security information and event management (SIEM)-based operations.


It is possible to step away from only applying the with its rule-based analytics and move toward an integrated approach. The security capabilities built over the last decades based on SIEM and security orchestration and response are valuable. However, organizations can now move toward a security model that leverages the power of the traditional SIEM model and data science.  




Although there is not a one-size-fits-all approach when it comes to implementing a security analytics program, the security maturity model gives an indication of what one can expect and what many organizations have experienced. By identifying in which stage of the maturity model your company is, you can identify key milestones to focus on to move to the next stage as quickly and smoothly as possible. 



The Cost of a Data Breach is Time and Money  


A recent market found that the average cost of a data breach is $3.9 million. As if this wasn’t enough, the same study also showed that a breach stays undetected on average for 280 days within the company’s environment.





What does the 280-day figure mean for? Data analytics and analyze huge amounts of data to identify anomalies or create predictions based on historic data, but SIEM operations focus on real-time events and correlation of events ranging from one minute to seven days ago. This timeframe is 273 days too short. In that time, indicators and traces of an attacker might get lost or might not be correlated with current events.






Instead, you can implement a new approach to security analytics based on . An approach, such as a maturity model, uses the same tools and skillsets but changes the context of security events, including their metadata. Many organizations already have a large number of skilled data analysts within their ranks who focus primarily on business intelligence and market analysis. With this approach to security analytics, you can expand this team by adding security-focused data analysts while using the skills, tools and culture of the company’s current data analytics team. 





Security Maturity Model Stages 





The core idea of a maturity model is to identify the current standing of security operations, as well as to determine what the next stage is and how to get there. The goal is to identify which areas to focus on in order to move to the next stage as quickly and smoothly as possible. This maturity model is focused on six dimensions: vision, operating model, data and technology, engineering and operations, change management and people and enablement 




appeared first on .


[/not-available]