ORNL Might Outsource Threat Detection, Response Work, CISO Says
“You have a changing environment, you have the ever-changing threat. So we started looking at an MTDR-type environment to help us and act as a force multiplier," Kerr said.
The vendor would not only handle ORNL's security but also track security threats across different sectors, potentially stopping threats before they are realized, Kerr said.
He added that having a vendor that can automate security operations would give the laboratory a holistic view of the threat landscape.
ORNL previously tapped industry to perform penetration testing because its in-house team did not have the time nor the expertise to handle the task.
Kerr said the penetration tests allowed ORNL to identify what its vulnerabilities are and learn how malicious hackers could have exploited them.
The process, Kerr added, has helped ORNL adopt a DevSecOps development cycle over the past year. He said having a managed threat detection and response service can boost security as much as third-party penetration testing did.
“Within 24 hours we had a team of 30 people on site. But that wasn’t there and it was reactive. With an MTDR, it’s there, it’s proactive," Kerr said regarding the previous penetration testing initiative.
Category: Popular Voices
Tags: cybersecurity DevSecOps in-house security industry Kevin Kerr managed threat detection and response MTDR Nextgov Oak Ridge National Laboratory penetration testing Popular Voices vulnerability