security

The cyber attribution dilemma – TechRadar


Cyber attribution poses a dilemma for many security teams that are already often time-strapped and short-staffed. Is it really time well spent trying to identify the attackers? Or is it a distraction from getting on with the improvements needed to reduce the likelihood of another breach?

The process behind cyber attribution is usually complex, lengthy, resource-hungry, and fraught with inaccuracy pitfalls. It involves security analysts gathering evidence, constructing timelines, piecing together the events that led to a breach, and painstakingly reviewing tactics, techniques, and procedures used by the adversary in an attempt to uncover the organization or individuals behind it.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.