Evaluate your SIEM requirements and expect more for advanced threat detection and response
Security information and event management (SIEM) technology is evolving to keep pace with the growing threat landscape. The Gartner Technology Insight for the Modern SIEM report breaks down myths and provides insights into the latest SIEM capabilities and key considerations for security practitioners grappling with whether to embrace, replace, or augment their SIEM platform.
We believe this report from Gartner will help you gain these insights:
*Technology Insight for the Modern SIEM, Toby Bussa, Kelly Kavanagh, Gorka Sadowski, 24 October 2018.
For the last several years, one of the hallmarks of digital transformation has been the market’s rapid transition to the cloud, from applications and services to complete infrastructures. But a growing number of organizations have begun to pull away from that trend, primarily because of security concerns.
The rapid adoption of new technologies almost always introduces challenges for which enterprises haven't adequately prepared. The security challenges of vulnerable IoT devices are an excellent example. In the case of cloud adoption, there are two critical concerns. First, because market demands forced many organizations to move too quickly, their cloud adoption strategy wasn't always planned as well as it might have been. As a result, many organizations now find themselves with a complex cloud-based environment that has become too expensive to manage, maintain and secure.
SD-WAN Experiencing Dynamic Growth
Gartner recently completed a survey that highlights key concerns organizations face as they implement an SD-WAN solution, and strategies for addressing those challenges. SD-WAN has been seeing rapid growth over the past two years according to IDC, with the total addressable market ballooning from $225 million in 2015 to $1.3 billion this year, with some experts predicting that it will jump to as much as $4.6 billion in 2022.
The driver behind this growth is exactly what you’d expect—digital transformation. Branch offices can no longer simply function as a satellite connected to a central network. Today’s next-gen branch leverages multiple connections, from SaaS and IaaS multi-cloud connections to direct internet connectivity from corporate-owned and BYOD assets. It also relies on high-speed connectivity to the core network, but with local awareness of things like business applications and the need for real-time data.
Traditional MPLS connections are not only expensive in some markets like the US, but they are also quite rigid—which means that digital business development efforts can often accelerate beyond the ability of a traditional branch office connection to keep up.
An extensive tool set to easily create images, animations, and interactive content.
Would making design decisions in real time help you reduce design cycle time and deliver better products? Would the ability to share a 3D file in a web browser with stakeholders help improve communication during the design phase?
Blow away the competition and take your project to the next level with the many advanced features found in SOLIDWORKS® Visualize Professional. Utilize camera animations and one-click 360 degree spins to show off design and engineering solutions, helping to describe complex features and ultimately sell more product and ideas. Rapidly create and compare multiple design directions, to make better business decisions and get your products to market faster while capturing maximum market share.
The costs of a data breach are on the rise. According to Ponemon’s 13th annual Cost of a Data Breach Study, the global average cost of a breach rose 6.4 percent over the previous year to $3.86 million in 2018. During that same period, the average cost for each lost or stolen record containing sensitive or confidential information increased 4.8 percent to $148.
To protect themselves against these rising costs, companies are turning to cyber insurance in droves. German reinsurance giant Munich Re said that the insurance market protecting companies against digital threats will likely double by 2020 to over $8 billion, as reported by Security Week. Given this forecast, many companies will undoubtedly purchase cyber insurance for the first time within the next few years. To help them get started, I’d like to provide some best practices for purchasing a policy.
Understanding Suspicious User Types in Your Organization
Whether unintentional or malicious in nature, user-based threats can have devastating consequences on your organization. While your focus may be on protecting your organization from outside incidents, you also need to guard yourself from insider threats. Despite your best efforts to keep your organization safe — such as providing security training and company best practices — users are often the weakest link in your defenses.
Understanding user behavior is often difficult because there are many different types of users. Complicating matters, you don’t know if your users’ actions are unintentional or deliberate. That’s why you need to add an additional layer of analytics beyond your security information and event management (SIEM) platform with user and entity behavior analytics (UEBA).
As with traditional IT networks, Operational Technology (OT) networks are undergoing a digital transformation process of their own. The goal is to improve productivity, efficiency, up-time, and flexibility through better monitoring. To do this, online sensors and connected systems are replacing traditional serial connections, proprietary protocols, and programmable logic controllers to better manage and control industrial environments. At the same time, the integration of automation, communications, and networking in industrial environments is an integral part of the growing Industrial Internet of Things (IIoT).
According to the FBI, losses related to Business Email Compromise (BEC) attacks have increased by 136% from December 2016 to May 2018. Why the increase? The answer is actually pretty simple: BEC attacks are easy to launch, there’s limited risk of being caught, and they work! BEC ranks #1 in the IC3’s 2017 Internet Crime Report for the volume of victim losses, representing nearly half (48%) of the total losses of the top 10 Internet crimes.
As IT and operational technology networks converge, organizations are exposing their traditionally isolated OT networks to new cyber-risks. Cybercriminals have already begun designing new malware threats, like CrashOverride/Industroyer, Triton and VPNFilter, to target vulnerable OT systems. While some of these new attacks target SCADA (supervisory control and data acquisition) and ICS (industrial control system) systems, most are focused on highly vulnerable industrial IoT devices.
Traditionally, OT engineers attached devices to monitor and control the OT infrastructure through a serial connection, which made them less available to traditional hackers. Today, as OT managers add serial-to-Ethernet converters to these devices, they are becoming prime targets. Part of the reason is that many of these devices are highly vulnerable to attack. For example, many run aging operating systems, such as Windows XP, that are highly susceptible to exploitation. In addition, most OT networks simply haven’t deployed the sorts of security technologies commonly in place in IT networks. As a result, targeting IIoT devices has certain advantages for some cybercriminals.