Cybersecurity To Go On The Offensive

Uploaded on 2016-02-26 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Organizations with a sophisticated approach to cybersecurity are no longer satisfied with locking the doors after the robbery has been committed. There is instead a distinct shift toward offense.

A Deloitte & Touche report notes a trend toward predictive models, which has meant that protection has become more about using advanced math and science to pursue anomalies and pinpoint threats, than it is about building bigger and better walls.

 “Cybersecurity has received increased attention in recent years due to high profile data breaches and attacks on critical infrastructure,” Adnan Amjad, partner at Deloitte, in an interview. “As a result, there is mounting pressure from directors and executives to measure and monitor risk levels, malicious activity and the effectiveness of cyber investments. They seek what seems impossible: a cyber-detection capability that is so mature that the organization is able to address cyber threats proactively. This is where analytics can help.”

However, the dirty little secret of cyber-monitoring is that state-of-the-art practices are intrinsically reactive; organizations watch for threats they’ve either seen before, or that have victimized others.

“And they are often missed, due in part to the massive number of cyber events occurring daily and, in part, because there is insufficient data to evaluate where and when business-critical events may occur,” added Amjad. “In other words, there is often insufficient context for anticipating and preparing to respond to cyber threats.  At the very least, companies need skilled professionals with deep institutional knowledge to patch the data together manually.”

The ability to use high-volume Big Data (billions of records) and execute queries in seconds to identify anomalous patterns can help organizations evolve from monitoring cyber-threats to managing cyber-threats. This in turn can help them to map their susceptibility to attack; detect previously-unknown threats and zero days; prioritize cybersecurity investments; satisfy regulatory inquiries; and provide real-time data to executives that quantifies cyber-risk and enables better decisions.”

It takes horsepower supercomputing to do this in near real-time; the effort would take significantly longer with traditional computing platforms.

“The market is now at a tipping point where cybersecurity operations are starting to transcend tactical ‘monitoring’ and become significantly more sophisticated,” Amjad said. “Technology advances in multiple areas, including: high-speed access to abundant datasets (threat sharing, real-time network traffic, unstructured business data), innovative automation (analytics, machine learning, visualization), and evolving forensic and incident response tools, are driving this sophistication.”

Companies adopting these types of offensive steps will no doubt find that they need new personnel capabilities, the report found. Many cyber-professionals don’t have the skills to do predictive threat intelligence or predictive analysis of past breaches. At the very least, extensive collaboration between analytics and cyber-professionals may be required. And cybersecurity projects will need to rapidly move up the priority list for analytics groups.

Infosecurity: http://bit.ly/20Pwppy

« Know Your Enemy: The Most Popular Hacking Methods
Israel Is 15 Years Ahead in Cyber Warfare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Computer & Communications Industry Association (CCIA)

Computer & Communications Industry Association (CCIA)

CCIA supports efforts to facilitate and streamline information sharing on cyber threats between the private sector and the Federal Government.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Tigerscheme

Tigerscheme

Tigerscheme is a certification scheme for information security specialists, backed by University standards and covering a wide range of expertise.

inBay Technologies

inBay Technologies

inBay Technologies' idQ Trust as a Service (TaaS) is a unique and innovative SaaS that eliminates the need for user names and passwords.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

Silverfort

Silverfort

Silverfort introduces the first security platform enabling adaptive authentication and identity theft prevention for sensitive user, device and resource throughout the entire organization.

Cyber Resilient Energy Delivery Consortium (CREDC)

Cyber Resilient Energy Delivery Consortium (CREDC)

CREDC performs multidisciplinary R&D in support of the Energy Sector Control Systems Working Group’s Roadmap of resilient Energy Delivery Systems (EDS).

AimBrain

AimBrain

AimBrain tools detect and prevent fraud, faster and more accurately than ever before.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

TechBase

TechBase

TechBase is an innovation and start-up center offering technology-oriented start-ups optimal conditions for successful business development.

Barclay Simpson

Barclay Simpson

Barclay Simpson is proud to have a long history of delivering cyber security, technology and governance recruitment services.

Nihka Technology Group

Nihka Technology Group

Nihka offers full end-to-end ICT solutions from business optimisation, data centre modernisation, cloud connection and management, and ICT security.

Xiphera

Xiphera

Xiphera designs and implements proven cryptographic security for embedded systems.