From Defense-in-Depth to Defense-In-Concert: Gain Holistic Security with Open XDR
A Defense-In-Concert strategic approach provides a holistic framework to support corporate initiatives without compromising corporate security.
By: Ken Brisco
- Defense-in-Depth leads to IT and cybersecurity professionals struggling with managing too many security tools with little to no integration.
- Defense-In-Concert is a strategic approach to cybersecurity that drives collaboration and contextualization of security data within the infrastructure.
- Open XDR empowers security teams to deploy Defense-In-Concert with better security outcomes and simpler security operations.
The modern threat landscape moves at a rapid pace. With the onset of 2020’s global pandemic, this axiom played out in front of our very own eyes. As millions of workers moved to a remote home office, attacks on home-based routers surged 210% to reach nearly 2.9 billion—amounting to 15.5% of all home routers.[1] With an increased attack surface, Defense-in-Depth is no longer good enough. A Defense-in-Concert approach is needed to provide a holistic framework to help security teams support corporate initiatives without compromising corporate security.
Defense-In-Depth: The Law of Diminishing Returns
Before we discuss what Defense-in-Concert is, let’s talk a little about what it isn’t. The traditional approach used by organizations to slow down adversaries is to embrace a Defense-in-Depth strategy that uses multiple layers of security controls. A common theme of this approach is to address new threat tactics by adding new solutions to your current technology stack. The impact of Defense-in-Depth is best characterized by the law of diminishing returns. As organizations add more protection, they also add greater complexity and can even compromise threat protection. Recent research reveals that, on average, enterprises deploy 45 cybersecurity-related tools on their networks. When the number of tools deployed reaches 50, these enterprises rank 8% lower in their abilities to detect threats and 7% lower in defensive capabilities, compared to companies with smaller toolsets.[2] The level of expertise needed to maintain Defense-in-Depth forces security analysts to manage each solution from a separate console and swivel between screens, which significantly reduces visibility and the ability to respond quickly to malicious activity.
From Defense-In-Depth to Defense-in-Concert
In 2017, Secureworks introduced Defense-in-Concert, our strategic approach to threat protection. Defense-in-Concert enables collaboration and contextualization of security data within your infrastructure. Instead of adding more layers, Defense-in-Concert means making sure your existing security tools are all speaking the same language and working in concert. This approach unifies security tools to deliver comprehensive visibility, leading to faster, more effective detection and response. Contrast this with point solutions, which are often unable to integrate data and drown your security team in the noise of an overwhelming number of security alerts. Defense-in-Concert enables you to:
- track threats across your entire ecosystem
- validate the severity of alerts through increased context
- identify attackers by actions and behavior
Realizing Defense-In-Concert with Open XDR
Open XDR is the shiny new toy that everyone seems to be talking about. Gartner recently listed XDR as one of the “Top 10 Security Projects for 2021.” ESG research revealed that 70% of organizations expressed that they are already using or considering XDR.[3] The reason for this is simple: XDR provides an accessible and powerful way for organizations to apply a Defense-in-Concert approach to their environment.
XDR analyzes security data as a whole, enhancing threat detection and eliminating the frustration around integrating many siloed point solutions. Through an open, cloud-native platform, organizations benefit from open XDR with improved visibility, enabled by high-fidelity alerts across endpoint, network and cloud environments. Open XDR empowers analysts with a centralized user interface and built-in automation to improve productivity. The simplicity and context of relevant activity in your environment allow even junior analysts to achieve more than they could before.
To understand how Secureworks Taegis XDR delivers a holistic, Defense-in-Concert approach, view our recent webinar presented by Ed Martin, Director of Product Management and Curt Yasm, Senior Product Manager.
[1] Help Net Security. Insights for navigating a drastically changing threat landscape. March 2021.
[2] Ponemon Institute. Cyber Resilient Organization Report. June 2020.
[3] ESG. The Impact of XDR on the Modern SOC. November 2020.