Showing posts with label Big Data Security Analytics. Show all posts
Showing posts with label Big Data Security Analytics. Show all posts

Insider Threats in the Federal Agency: Endpoint Security and Human Analytics

Manning, Snowden, Wikileaks… Recent headlines have made the dangers of insider threats for federal agencies even more of a flashing red light than before. The risk of intentional data breaches is a critical problem, but certainly not the only one. The latest report from the Ponemon Institute, the 2013 Cost of Cyber Crime Study: United States, found that more than one third of all data security breaches at government agencies are caused accidentally by internal employees. Intentional or not, both are problematic.

Human error as insider threat
A study by the Privacy Rights Clearinghouse noted not long ago that government agencies have experienced a steady rise in data breaches caused by employees over the last four years. In addition, employee negligence caused over 150 breaches and the loss of more than 92.5 million records since January 2009.

Barbarians Inside the Gate: Finding the Needle in a Data Haystack

Sam Maccherola

Despite most corporations’ robust perimeter security solutions, advanced persistent threats may already have evaded perimeter detection and be lying in wait for some future launch date. Of even more concern is the fact that some of the barbarians who are already past the gate may not be Ukrainian hackers, they may be someone working at a neighboring desk.

Insider Threats: There is something you can do

Some methods for dealing with insider threats are exercised by managers with good people skills and the ability to spot early signs of attitude or work-satisfaction issues. However, the best source of raw intelligence on potential threats in the modern enterprise is found directly at the endpoints such as laptops and servers—the targets of most serious information-security threats.

Announcing EnCase Analytics, the Industry’s First Proactive Endpoint Security Analytics Solution

Just in time for the Department of Homeland Security’s National Cyber Security Awareness Month, Guidance Software has unleashed one of the most powerful weapons in the war against security risks--EnCase® Analytics. In fact, we announced  the general availability of EnCase Analytics just yesterday. This is big news for information security, incident response, and risk and compliance teams, because EnCase Analytics gives you something you could never get before: an early look at previously unknown and difficult-to-detect threats through the use of “big data” analytical techniques. It does this by analyzing the reams of data generated by your users’ endpoint activity, producing for the first time a clear picture of organization-wide security risk—both internal and external. 

The Cybersecurity Framework: Identification, Collaboration, and Proactive Defense

Alex Andrianopoulos

Think of it as the new arms race: Everyone from corporations to government agencies is engaged in a constant combat cycle with cyber-terrorists and criminals that goes through these phases:

  • The bad guys launch a new type or method of attack
  • Some (if not all) organizations attacked are breached
  • Consequences ranging from real economic loss to destruction of physical—not virtual—resources cause the victimized organizations to begin studying and identifying the new threat
  • At least one organization names the new attack method
  • The organization or a security vendor finds a defense to the new threat
  • The word spreads and, armed with the latest intelligence, organizations begin configuring the appropriate defenses.

 Here is the problem: The delay between a breach, developing a defense and sharing the solution can take months, if not longer. Why the delay? Because the good guys do not share enough information. The black hats are aggressively sharing techniques and new approaches. Thus, we applaud anything that the government can do to encourage exchange of information on cybersecurity threats and new methods employed by hackers and other cyber-criminals.

Big Data Security Analytics Meets Endpoint Visibility

Ale Espinosa

Gone are the days of one-size-fits-all. Today, everything is about tailor-made and customization. This includes cybersecurity threats.

In the last few years, security has become increasingly more challenging. According to recent Enterprise Strategy Group (ESG) research, “62% of IT security professionals say that security management is somewhat more difficult or significantly more difficult than it was two years ago. ” This is because threats have become more sophisticated and more targeted.

But we don’t know what we don’t know, so how can we locate and expose these needles of unknown threats in the haystack of massive enterprise data? Through the use of Big Data security analytics.

In the recent ESG Brief EnCase Analytics: Big Data Security Analytics Meets Endpoint Visibility, Jon Oltsik, Senior Principal Analyst for ESG, talks about the new reality of security information, which is that guarding enterprise data has become increasingly challenging due to the sophistication of the threats, security staffing shortage, and incident-detection challenges.

Jon then applied his expertise in Big Data and experiences in security to lay out the Big Data security analytics continuum, in which corporations tend to land on the spectrum based on two extremes: real-time vs. asymmetric Big Data security analytics. He also discusses the four pointers in getting Big Data security analytics right, and described how EnCase Analytics —a turn-key solution— is a happy medium in the Big Data security analytics continuum.

To find out how to derive security intelligence through the use of Big Data security analytics, download Enterprise Strategy Group Brief: EnCase Analytics: Big Data Security Analytics Meets Endpoint Visibility from our publication library.