Let's Talk
Get on a first-name basis with the Bridgeway team. Let’s chat about your organisational objectives and any critical cyber security concerns you need to cover.
Earlier this week we wrote about how the emergence of cloud and IoT have shifted security priorities from arbitrary boundaries towards the protection of data.
Whilst traditional perimeter security cannot be ignored, potential threat vectors are proliferating by the day, and it is here that new approaches—such as user and entity behaviour analytics (UEBA)—help keep your information safe.
Let’s assume one of your privileged access accounts is compromised—perhaps even your CFO. It is easy enough to steal credentials. However, once inside a network with UEBA in play, a hacker would have to successfully mimic the CFO’s behaviour to avoid triggering alarms—a much taller order, especially if you take into account behaviour across multiple platforms and devices.
By watching how your users and devices interact with each other and setting a baseline for normal activity, UEBA is able to detect when there is a deviation in the way it would expect a device to be used. Any anomalies that could be a potential threat to your environment are escalated for an analyst to review.
Do behaviour analytics render SIEM useless?
UEBA’s business applications are as numerous as they are powerful, enabling organisations to better manage any of the following areas:
Sophisticated solutions from leading vendors are even using AI and machine learning to automatically remediate threats like phishing, ransomware, lateral movement, data exfiltration, command-and-control communication, account takeovers, privilege escalation and more.
Whilst it will vary from business to business, automated insider threat detection can transform the productivity of your team and save you thousands in the process. According to Aruba, Introspect saves ‘roughly £35,000 per month and nearly 30 hours per incident by cutting down on investigations’ using Aruba’s flagship UEBA product. ‘Indeed, customers say they have been able to resolve single incidents in only 10 minutes, compared to 30 hours using traditional methods.’
It’s no secret that CISOs have some of the toughest roles in any organisation, especially with the...
Read MoreCyber security is a minefield for many, not just in terms of its intricacies and ever-changing...
Read MoreWe know the old ways of working, well, don’t work — and they call for innovative, forward-thinking...
Read MoreAll organisations understand that cyber security is now an essential expense, helping companies cut...
Read MoreThe cost-benefit analysis approach to cyber security is perhaps the most popular in helping prove...
Read More