Assessing the Risk of Account Takeover Fraud

It’s extremely rare for a CISO to have both the time and the management bandwidth to run both pro- and re-active security operations. This article might help justify the twin track approach…:

[…] The nature of work for a CISO is often reactive, says Murphy. The standard operating procedure for many enterprise CISOs has been, “I get into an organization, establish a Security Operations Center filled with a bunch of analysts, look at that network traffic and a series of other things, and then look for ‘bad’ in context of what you can see.”

The challenge with this “new CISO launch approach” to the enterprise SOC is that it’s very difficult to scale with the organization’s growth goals and the number of potential threats. Contrast this with the more proactive nature, continues Murphy. “Hire and build purpose-driven intelligence teams to: Understand the criminal communities and understand how criminals are targeting your business or your vertical.”

The fundamental difference to these approaches, according to Murphy, is that, “one group is actively integrating with criminal communities and looking for bad in a proactive sense versus the reactive nature where you’re stuck within your own perimeter waiting for bad to happen.”

[…]

Original article here