Just Add Intelligence

Building Knowledge, Experience, and Expertise into Cybersecurity Incident Response

The faster cybersecurity investigators can identify and contain data breaches, the less cost and damage their organization will suffer. Actionable intelligence allows investigators to spend less time searching and more on analysis and solving problems. But where does this intelligence come from?

An important aspect of intelligence for investigators is knowing where to look and which questions to ask, based on expertise and experience. However, there are only so many practitioners in the world who have these skills. Growing demand for their services can make the cost of hiring or contracting them prohibitive. Rather, organizations need a way to encapsulate this expert knowledge into a technology framework.

This paper will examine how such a technology framework would prove advantageous when investigating two common scenarios:

  • In an insider data breach, rapidly identifying the forensic artifacts that show where a file of interest was accessed from, when, and by whom
  • In an external web server attack, decoding and identifying log entries that indicate a SQL injection attack

Download our white paper to learn more.

 

Stuart Clarke

Stuart Clarke

Head of Security & Intelligence Solutions

Stuart is an internationally respected information security expert who is responsible for the overall security and intelligence strategy and delivery at Nuix. During his time at the company, Stuart has advised the United Nations’ peak cybersecurity body ITU and provided cybersecurity training for over 60 computer emergency response teams. He led the development of Nuix Investigation & Response, an innovative investigative tool used to delve into the causes and scope of data breaches.

Read More

Download the White Paper