Seven Ways to Improve Cybersecurity Through Behavioral Analysis

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Seven Ways to Improve Cybersecurity Through Behavioral Analysis-7 Next

Gain Visibility Throughout an Attack Chain

Most detection efforts focus on the initial point of compromise, and data loss prevention (DLP) systems focus on data just before exfiltration. Recent data breach research tells us that attackers spend weeks or months performing activities identified as being in the "middle of the attack chain" – reconnaissance, performing privilege escalation, and adding their own accounts in an Active Directory. Last year, Target and Home Depot dominated the news with breaches set off by attackers who obtained third-party supplier credentials so that they could access company servers. Because this was perceived as normal traffic, the attacker went undetected for a long period of time. Rather than exclusively focusing on malware and security alerts, security professionals need visibility into what are abnormal behaviors performing normal actions — particularly from third-party suppliers and partner ecosystems.

For a long time, security pros were masters of using limited resources to flag risks, abnormal behaviors and potential threats. The past couple of years changed this game, as seemingly relentless data breaches prompted management staff to funnel budgets and technology solutions toward their security teams in hopes of improving breach response times and reactionary strategies. And yet, many companies still fail to meet the mark. Basic phishing scams thrive as IT services users overlook suspicious URLs and email addresses; attackers are becoming more innovative and capable of preying on an organization's weak points; and staffing remains short, with Cisco's 2014 Annual Security Report uncovering a need for nearly 500,000 to 1 million new IT security professionals to handle the modern enterprise risk climate.

Unfortunately, according to Nir Polak, co-founder and CEO of Exabeam, most organizations are approaching these issues from the wrong perspective. No matter how advanced security, information and event management (SIEM) tools become, security pros must back up their findings with data rooted in the company's daily IT activities in order to glean valuable insights. If not, these tools will merely increase the volume of reports and notifications without providing security pros with the context needed to identify attacks before they wreak havoc and compromise private data.

Rooting your security strategies in user behavior analysis helps bypass these issues, and turns your company's reactionary plans into proactive data maintenance. This slideshow features seven ways, identified by Polak, that you can apply these insights to your business, and an explanation of how each one protects employees, partners, customers and community.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.