Seven Ways to Improve Cybersecurity Through Behavioral Analysis

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Seven Ways to Improve Cybersecurity Through Behavioral Analysis-7 Next

Gain Visibility Throughout an Attack Chain

Most detection efforts focus on the initial point of compromise, and data loss prevention (DLP) systems focus on data just before exfiltration. Recent data breach research tells us that attackers spend weeks or months performing activities identified as being in the "middle of the attack chain" – reconnaissance, performing privilege escalation, and adding their own accounts in an Active Directory. Last year, Target and Home Depot dominated the news with breaches set off by attackers who obtained third-party supplier credentials so that they could access company servers. Because this was perceived as normal traffic, the attacker went undetected for a long period of time. Rather than exclusively focusing on malware and security alerts, security professionals need visibility into what are abnormal behaviors performing normal actions — particularly from third-party suppliers and partner ecosystems.

For a long time, security pros were masters of using limited resources to flag risks, abnormal behaviors and potential threats. The past couple of years changed this game, as seemingly relentless data breaches prompted management staff to funnel budgets and technology solutions toward their security teams in hopes of improving breach response times and reactionary strategies. And yet, many companies still fail to meet the mark. Basic phishing scams thrive as IT services users overlook suspicious URLs and email addresses; attackers are becoming more innovative and capable of preying on an organization's weak points; and staffing remains short, with Cisco's 2014 Annual Security Report uncovering a need for nearly 500,000 to 1 million new IT security professionals to handle the modern enterprise risk climate.

Unfortunately, according to Nir Polak, co-founder and CEO of Exabeam, most organizations are approaching these issues from the wrong perspective. No matter how advanced security, information and event management (SIEM) tools become, security pros must back up their findings with data rooted in the company's daily IT activities in order to glean valuable insights. If not, these tools will merely increase the volume of reports and notifications without providing security pros with the context needed to identify attacks before they wreak havoc and compromise private data.

Rooting your security strategies in user behavior analysis helps bypass these issues, and turns your company's reactionary plans into proactive data maintenance. This slideshow features seven ways, identified by Polak, that you can apply these insights to your business, and an explanation of how each one protects employees, partners, customers and community.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.