Implementing an Optimal Approach to Threat Detection and Response

Abstract

The core of the problem was how to implement an optimal approach to threat detection and response to counter cyber security threats, considering that organisations are often faced between seemingly disconnected and yet deeply intertwined facets intersecting the business risk (and thereby the business need), the technology solutions in place, and the method of selecting a target operating model. The challenge especially was that there are often discussions focussing on individual areas: the business risk (which defines the strategic imperative), the landscape of established technology solutions, and the methodology for selecting an appropriate Target Operating Model (TOM) – each one being susceptible to market perceptions. The study analysed a holistic framework to investigate this tripartite challenge by examining the foundational business risks (the "why"), analysing standardized technological solutions (the technologies), and critically evaluated the spectrum of Target Operating Models – from fully insourced and fully outsourced to a hybrid, "pick-and-choose" approach ("how to select the operational mode").