Cybersecurity To Go On The Offensive

Organizations with a sophisticated approach to cybersecurity are no longer satisfied with locking the doors after the robbery has been committed. There is instead a distinct shift toward offense.

A Deloitte & Touche report notes a trend toward predictive models, which has meant that protection has become more about using advanced math and science to pursue anomalies and pinpoint threats than it is about building bigger and better walls.

“Cybersecurity has received increased attention in recent years due to high profile data breaches and attacks on critical infrastructure,” said Adnan Amjad, partner at Deloitte, in an interview. “As a result, there is mounting pressure from directors and executives to measure and monitor risk levels, malicious activity and the effectiveness of cyber investments. They seek what seems impossible: a cyber-detection capability that is so mature that the organization is able to address cyber threats proactively. This is where analytics can help.”

However, the dirty little secret of cyber-monitoring is that state-of-the-art practices are intrinsically reactive; organizations watch for threats they’ve either seen before, or that have victimized others.

“And they are often missed, due in part to the massive number of cyber events occurring daily and, in part, because there is insufficient data to evaluate where and when business-critical events may occur,” added Amjad. “In other words, there is often insufficient context for anticipating and preparing to respond to cyber threats. At the very least, companies need skilled professionals with deep institutional knowledge to patch the data together manually.”

The ability to use high-volume Big Data (billions of records) and execute queries in seconds to identify anomalous patterns can help organizations evolve from monitoring cyber-threats to managing cyber-threats. This in turn can help them to map their susceptibility to attack; detect previously-unknown threats and zero days; prioritize cybersecurity investments; satisfy regulatory inquiries; and provide real-time data to executives that quantifies cyber-risk and enables better decisions.

It takes supercomputing horsepower to do this in near real-time; the effort would take significantly longer with traditional computing platforms.

“The market is now at a tipping point where cybersecurity operations are starting to transcend tactical ‘monitoring’ and become significantly more sophisticated,” Amjad said. “Technology advances in multiple areas, including: high-speed access to abundant datasets (threat sharing, real-time network traffic, unstructured business data), innovative automation (analytics, machine learning, visualization), and evolving forensic and incident response tools, are driving this sophistication.”

Companies adopting these types of offensive steps will no doubt find that they need new personnel capabilities, the report found. Many cyber-professionals don’t have the skills to do predictive threat intelligence or predictive analysis of past breaches. At the very least, extensive collaboration between analytics and cyber-professionals may be required. And cybersecurity projects will need to rapidly move up the priority list for analytics groups.

Infosecurity: http://bit.ly/20Pwppy
