What Purple Teams Wish Companies Knew
Here are some of the easily avoidable mistakes most companies made last year, gleaned from hundreds of cybersecurity engagements by red and blue teams.
After analyzing and buttoning up hundreds of cybersecurity incidents in 2022, a group of purple team consultants compared notes to share five of the most common mistakes they've observed organizations make.
A purple team is a group of offensive cybersecurity professionals (red team) working in tandem with defending teams (blue team) to improve operations and mitigate threats.
Lares security assessment firm has published its purple-team findings that found companies keep making the same five errors: bad event logging, a lack of offensive security knowledge, maintaining a codependent relationship with the security operations center (SOC), too great a reliance on tools, and excessive outsourcing. Organizations need to pay attention to critical log events so that they don't overlook signs of malicious activity, to not expect detection and response tools to find all bad actors, and invest in their employees to learn and grow their security skills.
"To properly defend their organizations, security professionals need to be aware of the latest threats and how to respond," Andrew Hay, chief operating officer of Lares, said about the new report. "Security teams also need to be mindful of the potential issues that can arise from their defensive measures."
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024