Get Ahead of the Game by Combating Cyber Criminals

Get Ahead of the Game by Combating Cyber Criminals

  • By Lance Mueller
  • Mar 17, 2016

Cybercriminals are building ladders faster than organizations can build walls, and while their tactics continue to evolve, so too has the typical hacker profile. No longer led by “script-kiddies” or those pursuing academic challenge, today hackers oversee well-funded development efforts with very specific financial or political goals.  As a result – and despite best efforts – the good guys are usually a step (or many steps) behind. 

Hackers have adopted a number of attack methods, which include combinations of social engineering attacks, malicious mobile applications, phishing scams, and ransomware, to name a few. These attacks have been and in all likelihood will remain, successful methods of penetrating corporate networks.  

Fortify defenses, collect intelligence, and respond rapidly

Given the recent surge in data breaches, there is a clear need for a paradigm shift in how we approach security. Existing fortifications still need to remain strong, but the deep analysis of networks and systems to detect potential threats is equally critical. Ultimately, organizations need to contain the risks posed by threats that may already be inside their walls.  

How security defenders detect and respond to existing vulnerabilities also needs to change. Verizon’s 2015 Data Breach Investigations Report indicates that organizations take an average of 205 days to detect a data breach. This gives threat actors plenty of time to conduct surveillance, steal data and spy on their targets.

Often times a data breach is a drawn out process that slowly siphons data from an organization. This approach of gradually extracting data allows these attacks to go unnoticed for extended lengths of time. Organizations need to improve the process by which they detect and respond to threats so they can reduce the window of opportunity.

Separate the meaningful from the mundane

The average organization receives more than 16,000 alerts every week. According to a report from Ponemon Institute, only 4% of these alerts are investigated. In what is now one of the most notable cyber security incidents, Target famously ignored an alert that could have potentially reduced the scale of the attack it experienced two years ago. The consequences were millions of stolen customer payment details, hundreds of millions of dollars in fines and settlements, and the dismissal of corporate leaders.

By sheer numbers, investigating every single alert is unrealistic for most organizations. So how do we better qualify these alerts and effectively reduce / refine this to a manageable number? There needs to be a greater focus placed on discerning the meaningful events from the benign. This has been a longstanding challenge, but one that can be overcome by leveraging big data to gauge and prioritize these threats. Understanding user behavior and historical trends can also help identify usage  irregularities or network anomalies, which can often be an indication of a tangible threat.

Most organizations implement a medley of security solutions to combat different vulnerabilities; encryption, DLP, endpoint security, anti-malware, firewalls, among other solutions. This is important since sophisticated attacks will not be isolated to a single layer within your security infrastructure.

As cybercriminals advance in their penetration of your network, their presence will often expand from one area to another – attacking more and more devices and users as they learn your environment and understand the potential opportunity.  The breach itself is simply their entry point into your network. Once they’re inside, they will examine each security layer to plan their offensive. This activity could produce benign or minor blips that – if properly analyzed – could provide you with the early heads-up you need to avoid a bad outcome.

Share your war stories

Organizations are learning from previous attacks, but unfortunately for many, the damage has already been done.

One valuable model is to cultivate a network of peers where knowledge and experiences can be shared. This is important since, once an attempted attack is detected, odds are the same technique will be used on other targets. One recent development is with crowdsourced platforms which are evolving, providing a forum for IT professionals to collaborate and share threat intelligence.

By sharing these experiences (without revealing any sensitive information), IT security leaders can improve their defenses. Think about it…with the exponential growth of vulnerabilities and so many successful attacks, relying on your singular experience means you’re unaware of the majority of the attacks that could be heading your way.

By gathering intelligence from a wider circle of experience, you’re expanding your knowledge and ultimately your ability to respond to these types of attacks.

Featured

  • Windsor Port Authority Strengthens U.S.-Canada Border Waterway Safety, Security

    Windsor Port Authority, one of just 17 national ports created by the 1999 Canada Marine Act, has enhanced waterway safety and security across its jurisdiction on the U.S.-Canada border with state-of-the-art cameras from Axis Communications. These cameras, combined with radar solutions from Accipiter Radar Technologies Inc., provide the port with the visibility needed to prevent collisions, better detect illegal activity, and save lives along the river. Read Now

  • Survey: 84 Percent of Healthcare Organizations Spotted Cyberattack in Last 12 Months

    Netwrix, a vendor specializing in cybersecurity solutions focused on data and identity threats, surveyed 1,309 IT and security professionals globally and recently released findings for the healthcare sector based on the data collected. It reveals that 84% of organizations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Read Now

  • Keynote Speakers Announced for ISC West 2025

    ISC West, hosted in collaboration with premier sponsor the Security Industry Association (SIA), unveiled its 2025 Keynote Series. Featuring a powerhouse lineup of experts in cybersecurity, retail security, and leadership, each keynote will offer invaluable insights into the challenges and opportunities transforming the field of security. Read Now

    • Industry Events
    • ISC West

  • Study: Video Doorbells Have a 71% Service Attach Rate

    Parks Associates recently announced a new white paper, Consumer IoT Product Development: Managing Costs, Optimizing Revenues, which provides companies with a business-planning blueprint to evaluate how a consumer IoT solution will perform across its lifetime. Subscription services, such as video storage and professional monitoring, can be critical for covering ongoing cloud and support costs Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3