← Back to Library

"DR" Word Soup: A Long and Winding Road

By Daniel Kelley · The Cyber Why · · 7 min read

The acronym word soup game is strong in cybersecurity. It’s easy for practitioners to forget how confusing it can be. We spit out these character combos as if they’re brand names and expect others in the organization to understand exactly what we mean. We also anticipate that business leaders and boards will buy into the fact that no security program can exist without the latest XYZ technology. Looking at security from the inside, it makes perfect sense to have 301 different letter-based categories; they align with analysts’ definitions and ranking systems, and (of course) vendors jump on these acronyms to remain relevant and attract attention in a very crowded marketplace.

Acronym Soup United States, 44% OFF
Acronym SOUP - Specifically DR Soup is holding back cybersecurity efficacy

Over the years, “new” categories — and thus their acronyms — have emerged from perfectly descriptive former terms. For example, “data security” morphed into “data loss prevention”/”data protection” morphed into “data security posture management,” a term we use today to basically describe “data security” as it exists in 2024 versus how it existed in 1994.

Another trend that’s taken hold more recently is the tendency to add on to established terms. That is, take a category and chunk it into subcategories, thus allowing for disparate tools creation underneath the broader heading. The most current crazes I see are:

  • Security posture management: All the SPMs: CSPM, SSPM, DSPM, ASPM, I(A)SPM, and Orca’s latest addition: SCM-PM, “source code management posture management” 

  • Detection and response: All the DRs: EDR, NDR, XDR, ITDR, DDR, MDR, ADR, MLDR, TDR

The rest of this post will focus on the “DR”s. There’s plenty to say about the posture management category, but I’ll save that for later.

The evolution of cybersecurity detection and response

Presumably, most of you reading this post work in security and know the history. But just in case you’re not a security pro or need a refresher — Cybersecurity emerged from more general IT in the late 1980s. At that time, and for about ten years, cyber threat detection and response (DR) primarily focused on signature-based analysis and provided the birth of antivirus (AV). If you’re old enough to have lived through or near those days, you might remember that identifying known malware patterns via signatures was tedious, highly manual, and not hugely effective. I mean, if you were a cybercriminal and knew that some newfangled software was looking for known patterns,

...
Read full article on The Cyber Why →

This excerpt is provided for preview purposes. Full article content is available on the original publication.