The world is once again reeling from a massive ransomware attack that either severely impacted companies’ operations or caused them to take a closer look at their ability to identify, contain and remediate these incidents. As attacks on enterprise networks grow more common and complex, incident response (IR) teams and security operations centers (SOCs) grow increasingly besieged: 44 percent of security operations managers see more than 5,000 alerts every day, according to the Cisco 2017 Annual Cybersecurity Report. Due to the staggering volume, organizations only investigate 56 percent of these alerts, and remediate less than one-half of the actual threats…
[Continue Reading]