Your CEO Just Asked If We Are Protected from This Threat? Now What?

By on Jun 09, 2020

For years, CISOs have grappled with a fundamental challenge – understanding how protected they truly are against the latest threats and campaigns facing them. Never really knowing what threats and campaigns matter most to their specific organization, security teams have typically had to wait until vulnerabilities were weaponized, and threats were materialized before taking action. And even then, it has often been a scramble with no prescriptive guideline for ensuring protection. This has made the simple question – “are we protected?” – a nightmare for CISOs to deal with.

But what if the tables were turned and the SOC team could preempt a new threat before it attacks your organization.

Here is where MVISION Insights, the latest innovation in the McAfee Endpoint security platform, breaks the old paradigm and allows security defenders to get ahead of threats by solving three critical use cases for the SOC:

  • Proactive Prioritization of Threats: MVISION Insights proactively advises attacks that matter based on a particular industry vertical or specific geography by leveraging real-time, high-quality intelligence from over 1 billion sensors prioritized by AI and curated by McAfee ATR threat researchers. This advanced intelligence helps organizations quickly understand the nature of the approaching threats and enables them to prioritize and commit resources to proactively prevent these threats. For example, if MVISION Insights detects an uptick in attacks against US-based healthcare providers, then the CISO at your hospital is going to find that information very useful. Being informed, is halfway to being prepared.

 

  • Predictive Assessment of Security Posture: MVISION Insights offers a security score based on the prevalence and severity of the campaign and the organization’s own preparedness for blocking those threats based on their security configuration of McAfee endpoint security products. You know exactly how you would perform under an attack scenario and how this posture would compare to others.

 

  • Preemptive Prescription of Security Actions: If your security posture isn’t optimized for protecting against the attack, MVISION Insights offers specific actions to ramp up defenses against the threat or campaign before it hits. This becomes the prescriptive guide and takes the guessing out of the picture for the SOC at a time when they are under duress.

 

Fig 1: MVISION Insights prioritizes threats, predicts if your countermeasures will work and prescribes security actions to stay ahead of the attack

It typically takes weeks – with up to dozens of people – to complete a proactive investigation on one campaign. That’s untenable in today’s fast-moving threat landscape. Security challenges were already multiplying even before COVID-19. But with companies adopting work-from-home policies in response to the pandemic, cyber criminals seeking to exploit the health emergency have stepped up their efforts to find new ways to compromise defenses.

That doesn’t mean organizations are destined to suffer breaches. With MVISIONS Insights, SOCs will be able to glean proactive insights on many campaigns in minutes without requiring any other personnel to perform the investigation. This will allow security managers to redirect valuable security personnel to more strategic assignments. Not only does this fortify their organizations’ security and resilience posture, but it also saves time otherwise wasted on hunting down and investigating myriad threats.

And when there’s a new headline about an active APT group, CISOs won’t need to waste time on rounds of consultations with IT admins and security analysts hunting down definitive answers for senior management. With the advent of MVISIONS Insights, threat automation is about to take a leap forward that returns the advantage to the defenders. MVISION Insights is here!

 

About the Author

Ash Kulkarni

Ashutosh (Ash) Kulkarni is executive vice president and chief product officer of the enterprise business group at McAfee. He is responsible for product strategy and execution and for delivering leading-edge cybersecurity offerings that protect McAfee customers from threats to their applications, networks, data, devices, and other critical assets.

Read more posts from Ash Kulkarni

Subscribe to McAfee Securing Tomorrow Blogs