Government agencies are in an arms race to stay ahead of cyber criminals who use advanced malware to breach their networks. As such, next-generation cyber professionals are focusing on Indicators of Compromise (IoCs), which are seemingly benign events that, when correlated and analyzed, spotlight systems at high risk for an active breach by advanced malware.
By focusing on IoCs, agencies can gain specific insights into the particular systems that may be compromised. This goes beyond a ‘broad brush’ approach to network security, ultimately giving a more immediate and accurate picture of breaches, as well as a fuller understanding of the root causes of the intrusions.
These are some of the key insights that Tom Stitt, Director of Product Marketing at Sourcefire, provided in a recent Federal Technology Insider podcast. Below is the full podcast interview.