
Tips on Taking a 'Threat Hunting' Approach

HCL's Anuj Tewari Offers Insights on Key Steps Taken to Manage Risk
Anuj Tewari, CISO, HCL Technologies

Organizations need to adopt a "threat hunting" approach to managing risk, striving for early detection of anomalies, says Anuj Tewari, CISO at HCL Technologies, an India-based multinational IT service company.

"As human beings we get preventive medical checkups done to detect diseases, if any, beforehand. Likewise, if we are to keep our infrastructure well, we should turn to threat hunting," Tewari says in an interview with Information Security Media Group.

Threat hunting involves three steps, he explains:

  • Scanning the environment;
  • Conducting continuous recording, including analyzing logs and tying them to intelligence;
  • Reviewing intelligence reports for relevance.

"Threat hunting is essential to know the security health of an organization proactively and in a smart way," Tewari says. "Therefore, forensic capability should be well-established, which means that it's not the time to realize that certain things should have been logged after damage has happened."

In this interview, Tewari talks about:

  • Aligning threat hunting with incident response;
  • Mapping critical assets and indicators of compromise;
  • Enhancing capabilities to proactively detect threats.

Prior to joining HCL, Tewari was head of cybersecurity practice for Asia, Middle East and Africa at CSC. Before that, he worked at IBM, GE, Convergys and other companies in various capacities.
