Let’s get started on your threat management journey!
Detect
Protect
Respond
1. What is your primary objective for looking at cyberthreat management?
Proactive identification of potential attack vectors
Regulatory compliance
Assessment of IT security control effectiveness
Brand and reputation monitoring
Insider threat
Combination of the above
OK
2. How does your organisation currently handle cybersecurity incident management?
In-house
Outsourced
Hybrid SOC/Dedicated on-premise SOC
OK
3. Do you see value in aligning your SOC monitoring use cases to the MITRE attack framework?
Yes – I see value
Yes – I see value – but do not have the bandwidth to execute and need help
No – I am aligned to a different framework, for example, Lockheed Martin’s Kill Chain regulatory framework
OK
4. How often does your IT team perform threat hunting exercises?
Once a day
Once a week
Once a month
Once a quarter
Ad hoc
Not in place at the moment
OK
5. What is the primary source of information for threat hunting?
End points
Network analytics
Logs
Threat intelligence
Deception
Combination of the above
OK
6. Do you use commercial threat intelligence (CTI) feeds to augment the SOC capabilities?
Yes, and it covers indicators of compromise (IoC), brand monitoring, deep and dark web monitoring, and third-party risk monitoring
Yes, but it needs attention and additional coverage around IoC, brand monitoring, deep and dark web monitoring, and third-party risk monitoring
No, we only use OSINT
No, we don’t currently use threat intelligence
OK
7. What is your key expectations from Commercial Threat Intelligence? Select all that apply.
Not using at all
Sharing of indicator of compromise information for feeding existing SIEM, FW and proxy / brand monitoring
Brand and reputation monitoring
Deep and dark web monitoring
OK
8. Are false positives from SIEM a significant problem for you today?
Yes, but it’s under control
Yes, but it needs attention and I’m open to ideas as to how to manage it
No, we have it sorted
OK
9. Is the alert you get from your in-house or MSSP SOC directly actionable?
Yes, the alert links the user, IP address and the systems involved and auto categorises the priority level
My team enriches the alert manually with additional context and priority level, after receiving the alert
I don’t get actionable alerts
OK
10. How do you integrate cloud services with your existing SIEM/MSSP?
We use controls such as CASB or native cloud security monitoring services, such as Sentinel or Guardduty
Our current coverage is limited due to integration challenges and we are looking to extend this coverage
We do not have coverage for cloud services right now. Our current monitoring is limited to on-premise devices only
OK
→
11. Which of the following security controls have been deployed? Select all that apply.
SIEM
UEBA
EDR
Deception
OK
12. Where do you see a skills gap in your environment?
Planning support for new IT security initiatives
Incident triaging and response
Execution rollout of new IT security initiatives
Audit and compliance
OK
13. How often do you perform red teaming exercises in a year?
Once a quarter
Twice a year
Once a year
We don’t do red teaming exercises; penetration testing and vulnerability assessments are sufficient for us
OK
14. How often do you perform a threat modelling exercise?
Twice a year and it’s outsourced
Once a year by our service provider
Ad hoc – when a new critical application goes into production
We don’t currently do threat modelling exercises
OK
15. How do you carry out malware analysis today?
In-house
Use open source tools from the Internet as and when required
Outsourced to a service provider
We don’t currently have this capability
OK
←
→
16. Do you have an online dashboard that shows threat detection KPIs in real time?
Yes
No
We use our service provider’s ITSM for this
A mature architecture is in place and is well deployed
OK
17. Is your ITSM platform built for security incident management?
We use the same platform as our IT team
We have separate case management for security incident management
We do not use an ITSM in our organisation and rely on email for managing incidents
OK
18. Where are you on the incident response automation journey?
Planning stage
Bot development
We have a few bots in production
Not looking at automation right now
OK
←
Submit
Complete a short form to get your personalised report
Select Industry*
Associations, Clubs & Membership
Aviation
BFSI
BPO
Conglomerate
Construction, Infrastructure & Real Estate
Education
Financial
Government
Hospitality & Travel
Information Technology
IT Enabled Services (ITES)
Transportation & Logistics
Manufacturing
Media & Entertainment
Professional Services
Services
Telecom
Trade
Utility
Others
Select Designation*
C-level
Vice President level or equivalent
Director level or equivalent
Manager level or equivalent
Select Country*
India
Australia
Bangladesh
Cambodia
China
Fiji
French Polynesia
Guam
Hong Kong
Japan
South Korea
North Korea
Laos
Malaysia
Micronesia
Myanmar
New Zealand
Pakistan
Singapore
Taiwan
Thailand
Vietnam
Philippines
Indonesia
Brunei
United Kingdom
Germany
France
Switzerland
Austria
Belarus
Belgium
Bosnia and Herzegovina
Bulgaria
Croatia
Cyprus
Czech Republic
Denmark
Estonia
Faroe Islands
Finland
Georgia
Gibraltar
Greece
Guernsey
Hungary
Iceland
Ireland
Isle Of Man
Italy
Ivory Coast
Jersey
Jordan
Kuwait
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macedonia
Mauritius
Moldova
Monaco
Montenegro
Morocco
Netherlands
Norway
Poland
Portugal
Romania
San Marino
Sao Tome & Principe
Serbia
Slovakia
Slovenia
Spain
Sweden
Ukraine
Vatican City
Albania
Algeria
Andorra
Angola
Western Sahara
Yemen
Zambia
Zimbabwe (Rhodesia)
United Arab Emirates
Gabon
Kenya
Israel
Saudi Arabia
Bahrain
Qatar
Turkey
Oman
Jordon
Uganda
Tanzania
Benin
Botswana
Burkina Faso
Burundi
Cameroon
Cape Verde
Central African Republic
Chad
Comoros
Ethiopia
Egypt
Equatorial Guinea
Democratic Republic of the Congo
Eritrea
Djibouti
Gambia
Ghana
Guinea
Guinea-Bissau
Iran
Iraq
Libya
Madagascar
Malawi
Mali
Malta
Mauritania
Namibia
Niger
Nigeria
Palestine
Rwanda
Mozambique
Senegal
Somalia
South Africa
Sudan
Swaziland
Syria
Togo
Tunisia
United States
Puerto Rico (US)
Bahamas
United States Virgin Islands (US)
Canada
Barbados
Brazil
Mexico
Colombia
Argentina
Peru
Venezuela
Chile
Ecuador
Guatemala
Cuba
Bolivia
Haiti
Dominican Republic
Honduras
Paraguay
Nicaragua
El Salvador
Costa Rica
Panama
Uruguay
Jamaica
Trinidad and Tobago
Guyana
Suriname
Guadeloupe (France)
Martinique (France)
Belize
French Guiana
Saint Lucia
Curaao (Kingdom of the Netherlands)
Aruba (Kingdom of the Netherlands)
Saint Vincent and the Grenadines
Grenada
Antigua and Barbuda
Dominica
Bermuda (UK)
Cayman Islands (UK)
Greenland (Denmark)
Saint Kitts and Nevis
Sint Maarten (Kingdom of the Netherlands)
Turks and Caicos Islands (UK)
Saint Martin (France)
British Virgin Islands (UK)
Caribbean Netherlands (Kingdom of the Netherlands)
Anguilla (UK)
Saint Barthlemy (France)
Saint Pierre and Miquelon (France)
Montserrat (UK)
Falkland Islands (UK)
Select State*
Yes, I consent to receive occasional email with updates on services, market trends, and other information from Tata Communications that may be of value to me. I can always unsubscribe. I also understand that Tata Communications Ltd. and its subsidiaries operate in locations globally and consent to have the applicable Tata Communications entity contact me. I understand that the contacting entity may be located in a different country than me.
Submit
Please wait...
