White Paper
Top 10 Blue Team Fails - 2019

Every day, companies and public authorities fall victim to cyber attacks. Alongside IT security tools and technical security measures, the in-house Blue Team - whether SOC, CERT, CSIRT or IT security staff - is the critical heart of cyber defence. This is where the responsibility for incident detection & response lies: constant monitoring in order to quickly detect and appropriately react to security incidents in your own network. The successful handling of such incidents therefore depends on this very team - its skills, well-established teamwork, processes and routines.

Cyber attacks, however, are becoming more and more complex, and so the challenges are increasing - and even in the best professional teams, not everything always goes according to plan. After two years of experience with intensive cyber defence training for new and experienced teams in our Cyber Simulation Center, we are now reporting on our findings for the first time.

 

Read about the Top 10 most common mistakes made by blue teams when dealing with cyber attacks in our white paper:

  • Know-how fails
  • Team fails
  • Process fails
  • Recommendations for improvement measures