Cyber attribution — finding exactly who perpetrated a given cyberattack — has seemingly become a cybersecurity goal in and of itself. But do organizations really need to know?
Security professionals conducting investigations are charged with gathering credible evidence to determine if, when, where, why and how an incident occurred.
To drive a sense of personal responsibility among employees to report misconduct, Gartner says compliance teams need to address the benefits of reporting.