In March 2020, AT&T Cybersecurity and Enterprise Strategy Group (ESG) completed a benchmark survey to better understand what a mature cybersecurity program looks like and how that maturity influences security and business outcomes.

Results from the 500 security professionals surveyed on their processes, policies, and controls were mapped into the NIST Cybersecurity Framework's (CSF) five foundational cybersecurity functions: Identify, Protect, Detect, Respond and Recover.

Many organizations, inundated by the magnitude and complexity of cybersecurity, are turning to managed detection and response (MDR) services.

In this evaluator's guide, you'll learn what to look for and what questions to ask when assessing an MDR solution, including:

• The basic services every MDR should provide
• 10 key elements to evaluate
• 4 pitfalls to avoid

Download this guide now to better equip yourself on what to look for in an MDR solution provider.

This white paper is intended to help you make smart, strategic decisions on the tools and services available to bolster cybersecurity readiness in a remote environment, covering:

• Cybersecurity risks for remote workers
• Challenges of security for remote access
• Helping a new remote workforce withstand cybersecurity risks
• What to look for in remote security solutions

Download today to take a holistic approach to help protect your network and remote workforce.

The rapid adoption of cloud-based applications combined with a more mobile, distributed workforce has put a lot of stress on cyber defenses. It's challenging for administrators to maintain visibility and control over data, or to apply unified security policies. Secure web gateway (SWGs) using cloud-native technology help provide coverage to these and other gaps.

This white paper details:
• 5 network disruptors—and how a SWG solves for them
• Technologies SWGs can and can't replace
• Common use cases for SWGs

Annual AT&T Cybersecurity Insights Report. The 2023 report will focus on the edge ecosystem. The core report focuses on connecting and securing the entire edge computing ecosystem; transport infrastructure, endpoints, operating systems, application workloads, production monitoring/management/mitigation/runtime. The 2023 AT&T Cybersecurity Insights Report presents a perspective that recognizes the essential characteristics and key differences among edge architectures and provides a realistic picture of the state of edge. The report invites decision makers to think holistically about edge ecosystem strategies by providing insights into:

• Anticipated edge use case investments
• Intersection of edge computing, networking, and cybersecurity
• Observations about the state of edge, including project life cycle management
• Edge use cases, including industry-specific primary use case snapshots
• Edge risk, which encompasses types of edges and perceived edge use case risk
• Cybersecurity controls and perceived cost-benefit

Whether or not your organization plans to utilize consultants, AT&T Cybersecurity Consulting crafted this whitepaper to clarify initiatives for an emerging program. Recommendations include:

• Understanding and managing system configurations and vulnerabilities across your network is a key part of identifying and managing cyber risk
• Risk assessments help identify mission-critical services and data, and can help prioritize the biggest risk gaps in securing them
• Getting started with risk management initiatives, including Zero Trust
• Systematic all-employee cybersecurity awareness training, when done well, turns employees into a first line of defense at endpoints
• Penetration tests probe beyond the scope of automated vulnerability scans

The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data in a timely manner. This in turn limits their ability to understand what data is valid and useful and whether threat artifacts will result in legitimate threat indicators.

This whitepaper will discuss the following topics:

• How data analytics and machine learning power threat analysis
• Machine learning models
• From threat artifact to threat intelligence

Information overload challenges from data and threats can overwhelm cybersecurity professionals, causing many to unwisely skip vulnerability mitigation.

This guide details the framework of a modern, responsive vulnerability management program, including:

• Risk appetite: both business and technology leaders should understand and agree on acceptable levels of risk
• Establish a strategy to gain visibility into infrastructure to effectively respond to risks that impact operations
• To combat information overload, prioritize mitigation—which is not always remediation

This paper outlines the AT&T Chief Security Office's current point of view on how to manage that control, including best practices. It includes:

• Elements from several industry frameworks
• The increasing importance of implementing effective network security controls based on Zero Trust (ZT) principles, and why they cannot be superimposed on legacy network infrastructure and operations
• The value in the ability to manage and control access to the business without creating friction that could hinder day-to-day operations and workflow
• Critical concept areas related to access control that should be considered

Many paths can lead to an effective detection and response program. This white paper will help you explore the implications of each choice, including:

• Where building or buying and managing may make sense—and the pros and cons regarding risk and cost
• Where managed security services may make sense—and the pros and cons regarding risk and cost
• How to clarify which route best fits your unique situation based on your organization's strategy, structure, and other factors