Ethical Hacking News
DTCC's implementation of Automated Security Validation has shown significant benefits for the organization, including improved productivity, reduced risk, and enhanced employee retention. This success story highlights the importance of embracing automation in cybersecurity and explores the key considerations for securing a budget for secure validation.
Automated Security Validation is being increasingly adopted by organizations to improve their defenses due to the rapid emergence of threats and vulnerabilities. DTCC overcame internal roadblocks by taking a phased approach and gradually expanding its use, building trust in the platform. The allocation of funds for Pentera (Automated Security Validation's parent company) was aligned with red teaming tools, allowing DTCC to test more frequently at the same budget. Automated Security Validation improved productivity, reduced risk, and enhanced employee retention and security operations by tuning and validating controls. The platform added financial value by enabling DTCC to lower its cyber insurance premiums.
The cybersecurity landscape is becoming increasingly complex, with threats and vulnerabilities emerging at an unprecedented pace. In response to these challenges, many organizations are turning to automated security validation tools to improve their defenses. One such organization, DTCC, has recently shared its success story with The Hacker News (THN), highlighting the benefits of implementing Automated Security Validation.
According to the THN article, DTCC faced several internal roadblocks when considering automation for security validation. One of the key hurdles was friction from the architectural review board, who were concerned about running automated exploits on their network. However, by taking a phased approach and gradually expanding its use during red team engagements, DTCC was able to build trust in the platform.
The THN article also highlights the allocation of funds for Pentera, Automated Security Validation's parent company. The budget was allocated under the same line item as red teaming tools, grouped with other solutions like Rapid7 and vulnerability scanners. This positioning made sense, as it allowed DTCC to test more frequently at the same budget.
In addition to improving productivity and reducing risk, Automated Security Validation also improved employee retention and security operations. The platform helped ensure that controls were properly tuned and validated, facilitating coordination between red teams, blue teams, and the SOC. Furthermore, it made it easier to compile evidence for audits, allowing DTCC to complete the process much faster than otherwise.
Finally, the THN article notes that Automated Security Validation added financial value by enabling DTCC to lower its cyber insurance premiums. This is a critical consideration for many organizations, as the cost of cyber insurance can be substantial.
In conclusion, the success story shared by DTCC highlights the importance of automated security validation in improving cybersecurity defenses. By leveraging tools like Pentera, organizations can improve productivity, reduce risk, and enhance their overall security posture.
Related Information:
https://thehackernews.com/2024/11/the-roi-of-security-investments-how.html
https://www.forbes.com/councils/forbestechcouncil/2021/10/08/demonstrating-the-roi-of-the-security-program-to-the-c-suite/
Published: Mon Nov 11 07:49:14 2024 by llama3.2 3B Q4_K_M