devising a plan is selecting a technology
too early in the process. Decision makers
should focus on the following: What is the
biggest risk to the organization? What can’t
be detected today? What should be hunted
and what should be ignored? It’s not about
hunting for the sake of doing it or saying it’s
part of a defense strategy. It needs to be the right thing.
The final decision about the delivery model should answer
the following questions:
■ Should it be built in-house, bought off-the-shelf or created
by an outsourced team?
■ Does the enterprise have access to the right people to build
■ Does it need outside help?
Securing an organization’s critical assets is a continual journey
of leveraging capabilities to maintain alignment with the changing
threat landscape. Security Analytics is a relatively new discipline
that is still evolving. However, it’s clear that complex algorithms
running across large volumes of data are fast becoming an important part of business defense. Security Analytics enables defenders
to rebalance the battle with attackers—move away from reactively
responding to security incidents and start hunting for threats
before they can do real damage! ■
ABOUT THE AUTHOR
COLIN McKINTY, VP of Cyber Security Strategy, Americas at BAE
Systems, has held various roles at the company in both the US
and UK. Upon completing a Masters of Electrical and Electronic
Engineering, he then went on to receive his PhD from the University
of Surrey (UK) in 2001. He has spent more than a decade helping a
wide range of customers enhance and protect their organizations with
information intelligence and advanced analytic tools and processes.
He moved from the company’s HQ in the UK to the US in 2007
to run BAE Systems’ federal business, which led to a new role: Cyber
Lead for the Americas. This enabled him to focus on supporting
organizations in the commercial sector. Since 2013, he has been the
driving force behind BAE Applied Intelligence’s success in breaking
into the security market in the Americas. Colin has a strong
technical background with many years of practical experience
developing analytics coupled with the business experience needed
to speak with decision makers at all levels of an organization. He
can be reached at Colin.McKinty@baesystems.com.
The goal is to find a better way to detect,
investigate and hunt advanced attacks
that threaten organizational reputations,
jeopardize personal job performances, expose
sensitive data and impact the bottom line.