Get Ahead of the Game by Combating Cyber Criminals

Get Ahead of the Game by Combating Cyber Criminals

Cybercriminals are building ladders faster than organizations can build walls, and while their tactics continue to evolve, so too has the typical hacker profile. No longer led by “script-kiddies” or those pursuing academic challenge, today hackers oversee well-funded development efforts with very specific financial or political goals.  As a result – and despite best efforts – the good guys are usually a step (or many steps) behind. 

Hackers have adopted a number of attack methods, which include combinations of social engineering attacks, malicious mobile applications, phishing scams, and ransomware, to name a few. These attacks have been and in all likelihood will remain, successful methods of penetrating corporate networks.  

Fortify defenses, collect intelligence, and respond rapidly

Given the recent surge in data breaches, there is a clear need for a paradigm shift in how we approach security. Existing fortifications still need to remain strong, but the deep analysis of networks and systems to detect potential threats is equally critical. Ultimately, organizations need to contain the risks posed by threats that may already be inside their walls.  

How security defenders detect and respond to existing vulnerabilities also needs to change. Verizon’s 2015 Data Breach Investigations Report indicates that organizations take an average of 205 days to detect a data breach. This gives threat actors plenty of time to conduct surveillance, steal data and spy on their targets.

Often times a data breach is a drawn out process that slowly siphons data from an organization. This approach of gradually extracting data allows these attacks to go unnoticed for extended lengths of time. Organizations need to improve the process by which they detect and respond to threats so they can reduce the window of opportunity.

Separate the meaningful from the mundane

The average organization receives more than 16,000 alerts every week. According to a report from Ponemon Institute, only 4% of these alerts are investigated. In what is now one of the most notable cyber security incidents, Target famously ignored an alert that could have potentially reduced the scale of the attack it experienced two years ago. The consequences were millions of stolen customer payment details, hundreds of millions of dollars in fines and settlements, and the dismissal of corporate leaders.

By sheer numbers, investigating every single alert is unrealistic for most organizations. So how do we better qualify these alerts and effectively reduce / refine this to a manageable number? There needs to be a greater focus placed on discerning the meaningful events from the benign. This has been a longstanding challenge, but one that can be overcome by leveraging big data to gauge and prioritize these threats. Understanding user behavior and historical trends can also help identify usage  irregularities or network anomalies, which can often be an indication of a tangible threat.

Most organizations implement a medley of security solutions to combat different vulnerabilities; encryption, DLP, endpoint security, anti-malware, firewalls, among other solutions. This is important since sophisticated attacks will not be isolated to a single layer within your security infrastructure.

As cybercriminals advance in their penetration of your network, their presence will often expand from one area to another – attacking more and more devices and users as they learn your environment and understand the potential opportunity.  The breach itself is simply their entry point into your network. Once they’re inside, they will examine each security layer to plan their offensive. This activity could produce benign or minor blips that – if properly analyzed – could provide you with the early heads-up you need to avoid a bad outcome.

Share your war stories

Organizations are learning from previous attacks, but unfortunately for many, the damage has already been done.

One valuable model is to cultivate a network of peers where knowledge and experiences can be shared. This is important since, once an attempted attack is detected, odds are the same technique will be used on other targets. One recent development is with crowdsourced platforms which are evolving, providing a forum for IT professionals to collaborate and share threat intelligence.

By sharing these experiences (without revealing any sensitive information), IT security leaders can improve their defenses. Think about it…with the exponential growth of vulnerabilities and so many successful attacks, relying on your singular experience means you’re unaware of the majority of the attacks that could be heading your way.

By gathering intelligence from a wider circle of experience, you’re expanding your knowledge and ultimately your ability to respond to these types of attacks.

Featured

  • New Report Reveals Top Security Risks for U.S. Retail Chains

    Interface Systems, a provider of security, actionable insights, and purpose-built networks for multi-location businesses, has released its 2024 State of Remote Video Monitoring in Retail Chains report. The detailed study analyzed over 2 million monitoring requests across 4,156 retail locations in the United States from September 2023 to August 2024. Read Now

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

Featured Cybersecurity

Webinars

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3