
7 Steps to Automating Cyber Threat Detection and Analysis

By Gary Southwell
June 14, 2016

Why do so many breaches continue to occur without letup after several years of headlines? Are the attackers that smart, or are businesses not putting the proper focus on the problem?

Perhaps the best way to answer is to start with the bottom line and define the concept of risk:

Step 1: Determining Value

Intellectual property for certain industry verticals can be extremely valuable. For these companies, it is fairly easy to look at market valuations and attribute a reasonable percentage to that value. Client and patient records are also highly valuable – for healthcare providers and insurers, HIPAA violations carry fines for data loss that range up to hundreds of dollars per record. While not all industry verticals have well-established values, most organizations have the means to determine the value of such information. It often comes down to valuing data loss in real as well as opportunity costs.

For the Fortune 5000, the argument can be made by reviewing recent data – severe breaches can tally costs in the millions of dollars.

Step 2: Probability of a Breach

The next portion of the equation is the probability of a breach. This is where perception and reality seem to diverge. While most businesses know there is a probability of breach, many believe that if they are not a Fortune 500 firm, they are less likely to be the target of an attack. This ignores several facts. First, most breaches are driven more often by opportunity than by focus. Phishing attacks are good examples – they cast out emails by the millions looking for responses, regardless of organization size.

The Verizon Data Breach Industry Report shows there are thousands of confirmed breaches every year. The 2016 report indicates 3,141 confirmed worldwide breaches. The numbers are likely much higher as many breaches do not get reported or go undetected. 

Cyber Risk Equation – Putting It All Together

Cost of Data Loss x Probability of Such Loss/Year = Yearly Cyber Risk

Example: Small healthcare provider

$500/patient record x 2000 records x 40% probability of breach = $400,000 yearly risk

As this example shows, the risk is high even for mid-sized enterprises and reaches into the millions per year for the smallest of the Fortune 5000.

Mitigating Risk of Data Loss from a Breach

We have security staff and tools already in place, so aren’t we protected?

Enterprise Strategy Group recently completed research that surveyed 125 IT/cybersecurity professionals with responsibility for incident response at their organizations, and made an unsettling discovery. Even with significant investment in information security solutions, nearly 74 percent of those surveyed reported that security events/alerts are simply ignored because their teams can’t keep up with the suffocating volume. 

These are organizations with SOC staff and sophisticated security equipment.

The point is, no matter how well equipped, today’s organizations are lacking the security talent and resources necessary to fight relentless, increasingly sophisticated attacks.

While many cybersecurity technology tools exist today to help the enterprise detect threats, the challenge is that these tools:

  • Are siloed;
  • Are perimeter-focused;
  • Require complex, detailed training and sophisticated staff to leverage them effectively; and
  • Generate, even with explicit training, prolific alerts that limited staff cannot physically analyze in a timely enough manner to stop or prevent the threats from inflicting damage.

This cybersecurity model is no longer sustainable. A holistic, automated approach is required, ideally one that takes security analysts out of the detection role and returns them to proactively improving the security posture of the organization.

Automating Threat Detection and Analysis – The 7-Step Program

Step 1:  Monitor everything
The best way to protect everything is to monitor everything.  Unfortunately, today’s answer is the complex, siloed approach outlined above, which makes this a human-intensive effort.

Step 2: Build a system that can automatically detect every form of attack – DDoS, brute-force, compromised credentials, malware, insider threats and APTs.  You need to detect it all under one application if it’s going to be effective.

Step 3:  Improve the means of detecting attacks and avoiding false positives.   This requires a combination of intelligent data collection and analysis, threat modeling, machine learning and advanced correlation techniques. 

Step 4: Detect the threats in real-time – within minutes as they develop. This is critical – the faster an attack is detected, the greater the exponential decrease in data loss.

Step 5: Simplify what’s reported.  One clear concise alert that gets updated is better than hundreds of messages regarding the same underlying issue.

Step 6: Send notification of critical alerts automatically via email and texts. Stop the need to continuously watch screens.  Screen watching is costly and difficult to do well continuously.

Step 7: Contain the threat – automatically from within the same application. Taking action to stop the threat is the most critical step in an automated approach to detecting and containing threats.
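
Steps 5 and 6 as an added example (not from the article or from any vendor's product): raw sensor events for the same host and threat type fold into one alert that is updated in place, and a notification fires only once, when that alert first reaches critical severity. The class names, the 30-minute window, the 0-10 severity scale and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumption: a longer gap means a new incident
CRITICAL = 8                    # assumption: severity scale 0-10, notify at 8+
@dataclass
class Alert:
    key: tuple                  # (affected host, threat type)
    last_seen: datetime
    severity: int
    count: int = 1              # raw events folded into this alert
    sources: set = field(default_factory=set)
    notified: bool = False

class AlertConsolidator:
    def __init__(self, notify):
        self.open, self.closed, self.notify = {}, [], notify

    def ingest(self, ts, source, host, threat, severity):
        key = (host, threat)
        alert = self.open.get(key)
        if alert and ts - alert.last_seen > WINDOW:
            self.closed.append(self.open.pop(key))  # stale: archive it
            alert = None
        if alert is None:
            alert = self.open[key] = Alert(key, ts, severity)
        else:                                       # Step 5: update in place
            alert.last_seen, alert.count = ts, alert.count + 1
            alert.severity = max(alert.severity, severity)
        alert.sources.add(source)
        if alert.severity >= CRITICAL and not alert.notified:
            alert.notified = True                   # Step 6: notify only once
            self.notify(alert)
        return alert

T0 = datetime(2016, 6, 14, 9, 0)
SAMPLE_EVENTS = [  # constructed: (time, sensor, host, threat, severity)
    (T0, "firewall", "db01", "brute-force", 3),
    (T0 + timedelta(minutes=1), "auth-log", "db01", "brute-force", 5),
    (T0 + timedelta(minutes=2), "ids", "db01", "brute-force", 9),
    (T0 + timedelta(minutes=3), "auth-log", "db01", "brute-force", 9),
    (T0 + timedelta(minutes=5), "proxy", "ws17", "malware", 6),
]

def run_sample():
    sent = []  # stands in for the email/text gateway
    c = AlertConsolidator(sent.append)
    for event in SAMPLE_EVENTS:
        c.ingest(*event)
    return c, sent
```

Calling `run_sample()` leaves two open alerts from five events and exactly one notification; the fourth brute-force event updates the existing alert without paging anyone again.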

By following these steps, threat risk can be dramatically reduced.  Of course, the right system is needed to make this practical.  The good news is that a new era of cybersecurity solution providers is now delivering such systems.  


Gary Southwell is Co-founder and Chief Strategy Officer for Seceon, the only threat detection and management company to visualize, detect, and eliminate cyber threats in real-time. With more than 25 years of strategic business and security product planning, Southwell has been at the forefront of industrial innovations and is responsible for driving Seceon’s pending patents in threat modeling with applied behavioral analytics.

Copyright ©2025. All Rights Reserved BNP Media.