Twenty years ago, a paper written for DARPA (Defense Advanced Research Projects Agency), “The US is Not Safe in a Cyberwar”, was referenced in a memo from Donald Rumsfeld, then Secretary of Defense, to William Schneider, Jr., then Chair of the Defense Science Board, asking for defense recommendations. Decades later, even with the attention given at the highest level to cybersecurity, the war still rages on. Fueled by the COVID-19 pandemic, nefarious activities in cyberspace have been fast and furious this year. Threats of different kinds emerged. In some cases, bad actors took advantage of the new remote work phenomenon. In other cases, they targeted healthcare organizations to access sensitive data and/or to pose as the organizations themselves. In April, the WHO (World Health Organization) reported a five-fold increase in cyber-attacks.
Orgs have to get Cyber Resilient
More than ever, with the increasingly intense and rapidly evolving attacks, you need to boost your organization’s cyber resilience to minimize exposure and recover (if breached) quickly. Cyber resilience, by definition, means adapting in the face of adversity and challenges. However, it is a monumental task due to the tsunami of incidents, many of which are false positives, and a severe talent shortage. Organizations need to become resilient by getting to a place where they can use human and artificial intelligence to easily identify threats
The ArcSight team has been serving and learning from the security operations community over the past 20 years. This 20 year worth of know-how culminated in the latest release of ArcSight 2020 designed to significantly sharpen SOC (Security Operations Center) team’s focus on what truly matters so you can respond faster and better with confidence.
What’s new with ArcSight?
ArcSight 2020 introduced a number of upgrades across the ArcSight platform and premiered our next-generation logging and investigation tool, ArcSight Recon. While it serves primarily as an advanced threat hunting and compliance solution, Recon also acts as a single event storage solution for the ArcSight portfolio. Another key highlight of this release is that it marks the full integration of our behavioral analytics solution ArcSight Interset within the ArcSight platform. By bringing in Interset and Recon, ArcSight 2020 provides security teams with a truly unified Security Operations platform, where real-time correlation, behavioral analytics, and advanced threat hunting all work seamlessly together from a shared interface and a single storage solution. This release also includes some notable improvements to making SecOps more open and cloud-friendly, with enhanced ArcSight support for Microsoft Azure, AWS, and cloud-native deployments. And lastly, ArcSight acquired SOAR (Security Orchestration Automation Response) capability in July 2020 to help ease the pain of talent shortage.
How well do you know ArcSight?
We would like to express our sincere gratitude to our customers and partners, had it not been for them, we would not have achieved such an evolution. So, please join us in our 20th anniversary celebration and test your ArcSight knowledge with our ArcSight IQ challenge! You will be able to test your ArcSight IQ with weekly challenges, which starts on Sept 8 and ends on Sept 29, 2020. Be sure to follow @MicroFocusSec on Twitter for weekly announcements and to get the link to the questions. Good luck, and good hunting!