On this week's episode of the Detection at Scale podcast, Jack talks with Dhruv Majumdar, Director, Cyber Risk & Advisory at Deloitte. They discuss common challenges when transitioning from a traditional SOC to a detection and response program, what questions to ask when building a threat modeling strategy, and the benefits data lakes can unlock for D&R. They also talk about how LLMs are helping detect exfiltration and the need for security controls, policies, and good partnerships.
Topics discussed:
- The common challenges that organizations face today when evolving their detection and response programs, including moving away from SOC and managing big data.
- An overview of the maturity model and what organizations can follow to evolve their processes.
- Two critical questions to ask that will guide your threat modeling strategy.
- What big data "unlocks" for detection and response today, and what trade-offs there are in usability when moving to a data lake-backed architecture.
- How LLMs can surface patterns in data that simplify detecting exfiltration, and how they can help with automation to prevent burnout.
- Advice to security practitioners when transitioning to new strategies, including why you need "controls, controls, controls," and why you should take the simplest route to overcome a challenge.