Earl Matthews, a vice president at Hewlett Packard Enterprise, has said public sector organizations should evolve from a continuous diagnostics and mitigation approach to a situational awareness model that can foster cybersecurity collaboration.
Matthews wrote in a blog article published Sunday in Signal Magazine that a cyber SA model can be based on analysis of sensors, files and web objects as well as on the “correlation of global network traffic flows against industry threat intelligence feeds and threat models.”
He added the model should work to integrate analytics with mission dependencies and that results should be shared across an organization and with external partners.
Matthews cited intelligence, integration, speed, analytics, expertise and resiliency as potential key elements of the cyber SA model.
“No single countermeasure is effective against every threat.”
“Resourcing cybersecurity and cyber SA becomes a matter of sound risk management decisions based on threats and vulnerabilities to data, applications, systems and networks that have the highest likelihood of impacting mission assurance.”