As this article shows, ensuring you have the correct tools in place to detect, remediate and proactively protect against cybercrime is essential. The so-called 'slush fund' approach to dealing with ransomware, for example, is no longer acceptable, realistic or practical. 

Visibility and true 'actionable intelligence' from security platforms is the only way to deal with advanced threats. I believe this is achieved in three key ways:

1. The Tools - Put the right tools in place and regularly review that they are still 'fit for purpose'

2. The People - Ensure your people are up to date with training on these platforms and that they also understand the impact of threats to how the business operates. They MUST also be cyber aware themselves, particularly in jobs not related to IT. A point that is often overlooked and under appreciated. These are the people most commonly targeted.

3. The Processes -  Automate as many of these as possible. Automation does not mean a lack of control, it simply ensures the correct course of action is determined more quickly. If it is a manual process, is it practiced and repeated? Don't make the first time a process is undertaken to be during a breach. 

As detailed below, it's interesting to see that we are still seeing that one in three attacks are successful. With the average time to detect a breach still sitting around the 146-day mark, we need to improve on this and the only way to achieve this is to empower security teams to work more efficiently and effectively.