Orchestration with and without intelligence: What’s the difference?

Orchestration with and without intelligence: What’s the difference?

How best to use orchestration and automation in cyber security operations is a question that many CISOs have been asking themselves. But when it comes to orchestration, what difference does it make if you use it with or without intelligence. Are there obvious benefits that we’ve been ignoring for years and how will its adoption change organisations in the long term?

Orchestration informed by security intelligence from within your environment, and threat intelligence from a variety of external sources, is more effective, resilient, and adaptive. An intelligence-led approach will inform your strategy for orchestration in multiple ways. By having intelligence on an adversary’s capabilities, attack patterns, and intent, organisations will be able to build and configure orchestration capabilities to defend networks. Even better, orchestration can be built to be more adaptive to changing adversary capabilities, attack patterns, and infrastructure as both internal security intelligence and external threat intelligence is available.

Copyright Lyonsdown Limited 2020

Top Articles

Universal Health Services lost $67m to a Ryuk ransomware attack last year

Universal Health Services said the cyber attack cost it $67 million in remediation efforts, loss of acute care services, and other expenses.

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Related Articles