What is Cyber Situational Awareness | Security situational awareness | E... https://cyware.com/educational-guides/cyber-threat-intelligence/what-is-...

To enhance your experience on our website, we use cookies to help us understand how
you interact with our Products Solutions
website. By continuing Integrations
navigating Resources
through Cyware’s website and Company GET A

its products, you are accepting the placement and use of cookies. You can also choose
    
DEMO
to disable your web browser’s ability to accept cookies and how they are set. For more
information, please see our Privacy Policy.

ACCEPT
 View More guides on Cyber Threat Intelligence

What is Cyber Situational

Awareness?
Cyber Threat Intelligence

Share Posted on: August 22, 2018

Blog
Post

Cyberspace is a constantly evolving environment, with new

threats, vulnerabilities, threat actors and more emerging every
day. This continual expansion of activities and our dependence
on cyberspace has necessitated the requirement for situational
awareness.

Situational awareness provides both a holistic and speci�c view

of threats and vulnerabilities, allowing organizations the ability
to identify, process and comprehend information in real-time.
Situational awareness also enables the accurate perception of
an enterprise’s security stance and its threat environment. This,
in turn, helps organizations gauge both their current and future
risk status and protection posture.

Why is it important?

1 of 5 12/18/2021, 12:32 AM
What is Cyber Situational Awareness | Security situational awareness | E... https://cyware.com/educational-guides/cyber-threat-intelligence/what-is-...

To enhance your experience on our website, we use cookies to help us understand how
Situational awareness addresses the Resources
weakest link in GET A
you interact with our Products Solutions
website. By continuing Integrations
navigating through Cyware’s website and Company 
cybersecurity - humans. It helps minimize the potential for
its products, you are accepting

the placement

and use
of cookies. You can

also choose  DEMO
to disable your web browser’s human
ability toerrors
accept and theand
cookies damages
how theycaused
are set.by them.
For moreIn fact,
situational
information, please see our Privacy Policy. awareness has increasingly become a key feature in
the infosec community, allow organizations to establish internal
threat intelligence
ACCEPT sharing channels that alert all key personnel
about emerging threats, mitigations and potential attack
scenarios.

Situational awareness can help organizations understand what

is happening in their environment and in cyberspace in general.
The information can help the SecOps and incident response
teams make informed decisions on how best to defend against
or respond to potential threats and attacks.

How to incorporate situational

awareness?

In academic terms, situational awareness comprises of three

dimensions - perception, comprehension and projection. In
theory, the feature is by nature, human-centric, especially since
its goal is to minimize human error and strengthen the �rst line
of defense.

However, in practice, situational awareness involves several

signi�cant aspects such as threat detection and management,
network management, incident reporting, threat intelligence
sharing, risk monitoring and defence management. It is vital
that organizations incorporate these key aspects into their
cybersecurity protocols through real-time sharing of role,
location and business units based situational awareness to
ensure that right information is available with the right person
at right time. Situational awareness is a two-way tra�c. It is bi-
directional in nature such that information �ow not only takes
place from SecOps and incident response teams to the
employees but also vice-versa via incident reporting. Employees,
who in all practical aspects are human endpoints, must report
all suspicious incidents to disseminate ground-level situational
awareness to SecOps and incident response teams for proactive
mitigation and reduction of response and dwell detection time.
In fact, incident reporting is key to breaking a cyber kill chain.

To ensure seamless exchange of threat information in real-time,

situational awareness must be exchanged over smartphone

2 of 5 12/18/2021, 12:32 AM