Trends in Enterprise Security: Cyberthreat Detection

Regardless of the number of defense layers, data breaches still happen. We need to detect threats at the earliest possible moment with new methods.

Layers of Cybersecurity Defense, Still Data Breaches

The defensive posture for most enterprise security groups has been an all-or-nothing approach. We want to stop all attacks, all the time. To accomplish this, we have added defense in depth, from the desktop to the network edge. The goal has been to stop attacks as far as possible from what attackers want to compromise: as attackers pass one level of defense, another is waiting. We are seeing today that defense in depth is not working. Regardless of the number of layers added, data breaches still happen.

There needs to be a change in all-or-nothing thinking. We need to accept that defenses will be breached, networks attacked, and data stolen. With ever-expanding threat surfaces and the pace of malicious cyber innovation, it is impossible to anticipate future attacks or to rely on former attack patterns to protect against them. The same reality has been recognized in the physical world. Terrorist attacks will happen, regardless of the best possible defenses. But when they do, they are contained and mitigated swiftly.

Cybersecurity needs to adopt the same thinking. If we cannot stop the threat from happening, then we need to detect and remediate the threat at the earliest possible moment. To do this, cyber organizations must look to new methods of detection.

The one constant in attacks is the behavior we see while an attack is underway. Cyber entities inside the network begin to behave differently. These changes in behavior are what cyber defenders can use to quickly find the source of the attack. So ask your security vendors what they are doing to help you find these changes in behavior to enable immediate remediation.

Learn more about how big-data security analytics offer visibility into unseen, unknown threats at the TechForum: Security Forum.

When: Sept. 28, 2017
Where: The Metropolitan Pavilion, 123 West 18th St., New York City
What: Trends in Enterprise Security: Big Data Security Analytics

Session Abstract: Big-data security analytics offer visibility into unseen and unknown threats. Yet to implement it, security teams must assess use-case coverage, data-source requirements, security-operations process changes, and incident-response optimization. Delve into examples of how companies have successfully deployed security analytics, how to choose the correct technology, and how to define successful metrics to measure results.