Selling To The CISO: Cyber-Traffic, Presenting & Data Governance

NDR & XDR: What makes it better or preferable to EDR?

In short, it depends on your particular wants and needs. Each one has its own set of potential gaps to bear in mind; with EDR, for example, you can only cover your endpoints. NDR, by contrast, provides a much wider range of coverage than EDR.

XDR, which includes offerings from vendors like Mimecast, Exabeam and Netskope, is better suited to larger network architectures that need a centralised threat detection approach. Palo Alto Networks' XSIAM also provides a comprehensive approach, but covers an even wider range of bases and boundaries. For a single vendor that provides EDR, NDR and XDR, Fortinet can be considered.

Other factors that influence the choice are budget, the boundaries it covers, and whether the foundation provides you with all your basic needs.

When presenting to the board, where do you start?

Three good points to focus on are the number of detected threats, the vulnerabilities that have surfaced, and controls maturity. One could also mention how well the staff are trained for this and whether they would need an education platform to skill up.

Other points of discussion are which vulnerabilities are associated with risk, what the business impact would be, and lastly the most cost-effective way to handle them. Bitsight and Cymulate are good places to look for third-party risk management and detection.

Can the accountability for I.T. and Information Security in GDPR be placed on different members of the board?

From a GDPR perspective, it shouldn't sit with just the Security team; it should also sit with the Legal team, in the sense that GDPR is a set of policies and frameworks rather than a security control.

Data protection is about making sure we have the appropriate controls in place, that we have awareness in place, and that we know how to respond when personal data is breached.

How do we present metrics that have value and insight that are not just technical or just numbers?

Get a baseline of measures prior to the changes, as a basis for comparison. Ideally, have an independent consultant do an evaluation for you; this way it's easier to define the areas that are doing well or lacking, and where more focus should be placed to bring them up to standard.

One could also use Bitsight, as part of its analysis produces a board-level report, making it a bit easier to present such data.

Focus on KPIs by looking at security processes, then get to a point where you're providing KRIs that aggregate threats, vulnerabilities and controls maturity, together with potential impacts such as the value of key assets, key business processes, and how business information is processed.
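As an added illustration of rolling process-level KPIs into a board-level KRI and comparing it against a baseline (this is example code written for this page, not a tool or formula from the session): the weighting formula, the 1..5 maturity scale and the sample measurements are all assumptions, chosen only to show the mechanics.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ProcessMeasures:
    """KPI-level measures for one key business process (constructed sample data)."""
    name: str
    asset_value: float        # relative value of the information the process handles
    threats_detected: int     # detections attributed to this process over the period
    open_vulns: int           # unresolved vulnerabilities on its systems
    controls_maturity: float  # assumed 1..5 maturity scale; not defined by the page

def process_kri(m: ProcessMeasures) -> float:
    """Assumed aggregation, not a standard: exposure rises with threats and open
    vulnerabilities, falls as controls mature, and is weighted by asset value."""
    if not 1.0 <= m.controls_maturity <= 5.0:
        raise ValueError(f"{m.name}: controls_maturity must be within 1..5")
    exposure = (m.threats_detected + 2 * m.open_vulns) / m.controls_maturity
    return round(m.asset_value * exposure, 2)

def board_kri(snapshot: list[ProcessMeasures]) -> float:
    """Single aggregate figure for the board: sum of per-process KRIs."""
    return round(sum(process_kri(m) for m in snapshot), 2)

def compare_to_baseline(baseline, current) -> dict[str, dict]:
    """Per-process baseline vs current KRI with percentage change, so the board
    sees direction of travel rather than raw counts."""
    base = {m.name: process_kri(m) for m in baseline}
    cur = {m.name: process_kri(m) for m in current}
    missing = set(base) ^ set(cur)
    if missing:
        raise KeyError(f"processes not measured in both snapshots: {sorted(missing)}")
    report = {}
    for name, before in base.items():
        after = cur[name]
        change = round(100 * (after - before) / before, 1) if before else None
        report[name] = {"baseline": before, "current": after, "change_pct": change}
    return report

# Constructed sample: measurements taken before and after a controls programme.
BASELINE = [
    ProcessMeasures("payments", 3.0, threats_detected=12, open_vulns=8, controls_maturity=2.0),
    ProcessMeasures("hr_records", 2.0, threats_detected=4, open_vulns=5, controls_maturity=2.5),
]
CURRENT = [
    ProcessMeasures("payments", 3.0, threats_detected=10, open_vulns=4, controls_maturity=3.0),
    ProcessMeasures("hr_records", 2.0, threats_detected=6, open_vulns=5, controls_maturity=2.5),
]

if __name__ == "__main__":
    print("board KRI:", board_kri(BASELINE), "->", board_kri(CURRENT))
    for name, row in compare_to_baseline(BASELINE, CURRENT).items():
        print(f"{name}: {row}")
```

Note that the hr_records KRI worsens even though the overall figure improves, which is exactly the kind of detail a per-process comparison surfaces and a single total hides.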

What kind of tools are being used for data governance?

One service that can be utilised is Varonis. It is expensive, though, and there are several other options currently available for data discovery and data governance.

One can look to services provided by OneIdentity and Thales for accessible pricing that still encompasses a good, broad service.