Seven Ways to Improve Cybersecurity Through Behavioral Analysis

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Seven Ways to Improve Cybersecurity Through Behavioral Analysis-7 Next

Gain Visibility Throughout an Attack Chain

Most detection efforts focus on the initial point of compromise, and data loss prevention (DLP) systems focus on data just before exfiltration. Recent data breach research tells us that attackers spend weeks or months performing activities identified as being in the "middle of the attack chain" – reconnaissance, performing privilege escalation, and adding their own accounts in an Active Directory. Last year, Target and Home Depot dominated the news with breaches set off by attackers who obtained third-party supplier credentials so that they could access company servers. Because this was perceived as normal traffic, the attacker went undetected for a long period of time. Rather than exclusively focusing on malware and security alerts, security professionals need visibility into what are abnormal behaviors performing normal actions — particularly from third-party suppliers and partner ecosystems.

For a long time, security pros were masters of using limited resources to flag risks, abnormal behaviors and potential threats. The past couple of years changed this game, as seemingly relentless data breaches prompted management staff to funnel budgets and technology solutions toward their security teams in hopes of improving breach response times and reactionary strategies. And yet, many companies still fail to meet the mark. Basic phishing scams thrive as IT services users overlook suspicious URLs and email addresses; attackers are becoming more innovative and capable of preying on an organization's weak points; and staffing remains short, with Cisco's 2014 Annual Security Report uncovering a need for nearly 500,000 to 1 million new IT security professionals to handle the modern enterprise risk climate.

Unfortunately, according to Nir Polak, co-founder and CEO of Exabeam, most organizations are approaching these issues from the wrong perspective. No matter how advanced security, information and event management (SIEM) tools become, security pros must back up their findings with data rooted in the company's daily IT activities in order to glean valuable insights. If not, these tools will merely increase the volume of reports and notifications without providing security pros with the context needed to identify attacks before they wreak havoc and compromise private data.

Rooting your security strategies in user behavior analysis helps bypass these issues, and turns your company's reactionary plans into proactive data maintenance. This slideshow features seven ways, identified by Polak, that you can apply these insights to your business, and an explanation of how each one protects employees, partners, customers and community.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Compliance4-190x128 GRC Programs: Building the Business Case for Value

Experience shows that organizations that manage GRC as an integrated program — involving people, processes and technologies — are more successful in delivering value to their organizations ...  More >>

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.