Bruce Roton, CISSP, CISA, CISM, CIPP/US, C|EH, C|CISO, CRISC, ISO-27001, CGEIT, CSSGB(IT), ITIL, CSMCP
It is a common axiom of cyber security wisdom that it is not a question of if an organization’s defenses will be breached, but only a question of when. Further, while cyber-attacks and data breaches are always business disrupting, they can also be very costly. Therefore, Time to Detection and Time to Effective Respond have become critical measurements for the success of any organization’s cyber security program. An effective and proactive Intruder Hunting Program, combined with a well-planned cyber response, can help stop cyber-attacks before they become business disrupting events, and should be a cornerstone of any Enterprise Cyber Security Program.