“Wisdom consists of the anticipation of consequences.” – Norman Cousins
In the cybersecurity industry, we’ve become a lot wiser in the face of relentless and increasingly crafty adversaries. It is now a widely held tenet that it is not a matter of if, but when and how we’ll be attacked. In anticipation of these consequences, security operations centers (SOCs) are transforming into detection and response organizations. How we measure the efficiency and value of detection and response is by the speed and effectiveness with which it is done. So, alongside this transformation, we’re now seeing security organizations put together anticipation teams to proactively drive down time to detect and respond and reduce exposure. What do those teams look like?