MDR to IR Handoffs: Stick The Landing
Jeff Pollard, Vice President, Principal Analyst
Jess Burn, Principal Analyst
July 24, 2025
Forrester Research, Inc. All rights reserved.

If you came for this
We saved you some time
this is it

So why are we even here?

Handoffs between MDR and IR come with problems
Escalation confusion: Unclear threshold criteria, resource misallocation, regulatory penalties
Documentation gaps: Inconsistent standards, process gaps
Coordination breakdown: Poor handoff protocols, information loss
Tool integration failure: Visibility blind spots
Intelligence gaps: Incomplete attack timeline transfer, prolonged investigation
Response delays: Critical window exploitation
Skill misalignment: Detection vs. remediation expertise

Resulting in
Process gaps
Communication gaps
Wasted precious time

What do we do to fix it?

Process takes a back seat to tech
Which of the following has your organization done in response to the breach(es) it has experienced in the past 12 months?
Source: Forrester's Security Survey, 2025
Base: 340 C-level/Executive Security decision-makers who have experienced a breach in the past 12 months

Timing matters
Rapid triage, escalation, and assessment of incidents is critical to effective response
[Figure labels: MDR, Client, 2018, 2019]
Alert: potential incident discovered
Confirm incident, determine scope and severity

Consistency matters
Create, formalize, and socialize incident severity categories within IR plans and playbooks
1 Critical, 2 High, 3 Medium, 4 Low
Minor, contained issue (e.g., basic phishing attempt, minor policy