By Jon Munshaw.
The threat landscape has evolved into a complex, challenging environment for organizations everywhere. A talent shortage, combined with an increase in incidents, has led to a generally weak security posture among most organizations. Defenders’ backs are up against the wall. Organizations around the world now realize that sitting back and waiting for an alert or receiving information from law enforcement about an incident in their environment brings stiff fines, increased scrutiny, lost intellectual property, data privacy concerns and lost business.
Cisco Talos announced last week that it is bringing Cisco Incident Response into the Talos family. With this new partnership, Cisco Talos Incident Response hopes to use Talos’ actionable intelligence and unprecedented visibility to assist defenders to answer threats faster.
Talos IR fully integrates Talo's threat intelligence output into all our IR services. This enhances the services provided to clients based on the latest malware campaigns and up-to-date and actionable notifications on emerging threats.
Talos Incident Response provides a new approach, capitalizing on our unmatched visibility, unique and actionable threat intelligence, and collective, global response capability, together in a full-spectrum offer.
Talos Incident Response has greater visibility form the largest combined set of telemetry, threat traps, and partner intel data available anywhere. Unmatched visibility gives us more streams of intelligence. Ties between Talos IR and Talos Research teams allow for further integration of local context from our responders back into our global threat intelligence feeds.
Conversely, the Talos IR teams on the ground have direct access to the closely guarded sources of Talos research, creating actionable intelligence for clients during any incident. This line of sight helps protect all Cisco customers and the internet at-large as we’re able to place the threat intel from one client into the Talos engines that feed millions of security products.
Cisco Talos Incident Response customers not only understand their response capabilities better, but have direct access to the largest threat intelligence, research, and response team in the world without delay when it matters most. Talos Incident Response gives customers immediate access to Talos incident responders, researchers, and analysts. Talos IR fully integrates that threat intelligence output into our IR services. This enhances the services provided to clients based on the latest malware campaigns and up-to-date and actionable notifications on emerging threats.
Laser-focused local response from Talos IR is fully integrated with the global response capabilities of Talos. While immediate value is realized by our Talos IR customers, there is also reciprocal value realized internally by our researchers. The scale of Talos allows for our researchers to deploy "boots on the ground" in certain situations to gather data needed by the entire industry for further analysis. By closing the gap between IR and intelligence, response is faster with even greater efficacy.
Cisco Talos Incident Response significantly strengthens customers’ network defenses. Using the latest intelligence and best practices, it introduces a process that engages all layers of defense and provides a comprehensive range of capabilities.
Talos Incident Response provides a full suite of proactive and reactive services to help you prepare, respond and recover from a breach. With Talos IR, you have direct access to the same threat intelligence available to Cisco and emergency response capabilities — not to mention access to more than 350 threat researchers for questions and analysis. Let our experts work with you to evaluate existing plans, develop a new plan, and provide rapid assistance when you need it most.
If your organization is experiencing a cyber-related incident, from a breach of confidential data to a worm impacting operations, Talos Incident Response can mobilize quickly to respond to the incident, mitigating immediate concerns, containing the situation, and architecting a long-term strategy that addresses root cause issues. Using the latest intelligence, years of experience and best practices, we build a custom response plan that isolates the attacker, scopes the incident, ascertains root cause, and allows your business to recover as quickly and effectively as possible.