
Guide: Enhancing Your Response Capabilities

Issue link: https://insights.oneneck.com/i/1463395


AlertLogic.com

Be Aware! Execution of the plan is as important as strategy and creation. The right partner should be able to help put into practice a self-service experience that enables simple adoption and quick time-to-value.

Figure 2: A strategic/phased approach to response
Source: 451 Research

Axes: Response Time (Slower to Rapid); Efficiency/Scalability (Lower to Higher); Response Volume
Response types: Manual Response; Human-Guided Automated Response; Fully Automated Response

Phase 1: Nascent Response
Response to all incidents requires manual intervention and actions.

Phase 2: Exploring Human-Guided Automated Response
The majority of incidents and alerts still require manual response, although demand for manual response begins to taper. Human-guided automated response is utilized for highly repetitive response tasks, known threats with well-documented responses, and non-critical systems.

Phase 3: Embracing Human-Guided Automated Response
Use of human-guided automated response continues to expand to include critical assets where additional human intuition or response approval is required but rapid response is crucial.

Phase 4: Exploring Fully Automated Response
Fully automated response is utilized for highly repetitive response tasks, known threats with well-documented responses, and non-critical systems. Human-guided automated response is utilized for critical assets where additional human intuition or response approval is required, but rapid response is crucial. Manual response is reserved for unknown threats and systems where automated response is not technically possible.

Phase 5: Embracing Fully Automated Response
Broader adoption of fully automated response spans highly repetitive response tasks and known threats with well-documented responses, for both critical and non-critical systems. Fewer response actions demand manual response. Manual response is typically reserved for unknown, complex threats involving highly integrated systems and systems where automated response is not technically possible.
