Showing posts with label Threat Intelligence. Show all posts
Showing posts with label Threat Intelligence. Show all posts

Lessons Learned from 2014 Cyber Breaches

Ashley Hernandez and John Lukach

At Guidance Software, we’re honored to train and work alongside information security teams inside numerous global corporations and government agencies. This gives us an ideal vantage point from which to learn and incorporate the latest intelligence on attack methods and best-practices for incident response. So here’s a look at what we’ve gleaned from this year’s barrage of cyber-attacks.

Where to Invest Resources in the High-Profile Breach Era

In our opinion, the biggest impact that the large number of headline-making breaches has had is in raising public and corporate awareness of the consequences and difficulty of securing companies’ assets. This awareness places more pressure and demand on those on the front lines of security.

Black Hat 2014: Live Demo of Threat Detection and Intelligence for EnCase

We invited Jessica Bair, one of the ThreatGRID experts with whom we have partnered at Cisco, to write a guest blog post for us about their upcoming presentation in our booth at Black Hat 2014, and she has delivered. We welcome her and Cisco SourceFire and ThreatGRID to our Guidance Software booth #1141--and to the Endpoint Intelligence blog.

The threat landscape is rapidly evolving and organizations are having a harder time keeping up. The negative consequences of security incidents continue to be more impactful. The trends, unfortunately, are favoring the adversaries:

  • Attackers getting better and faster than the defenders. Attackers now compromise organizations in days or even hours, while it takes defenders weeks or even months to discover that they have been compromised. This gap is increasing.
  • The number of incidents detected continues to grow. Organizations are detecting 25 percent more incidents than last year. While some of this may be the result of better detection, it still points to the growing number of incidents that need to be responded to and handled--not to mention the time pressure.
  • The financial costs of incidents are rising, particularly among organizations reporting high dollar-value impact.
  • There is a major shortage of skilled cybersecurity professionals, more than any other role within IT.
What is required is a threat-centric, integrated solution for breach detection, threat analysis, and remediation. Guidance Software, Inc. partnered with SourceFire and ThreatGRID (both now part of Cisco) for a best-in-class integrated approach:

The combined approach provides you with efficient and rapid incident response, including:

  • Proactive breach and threat detection with SourceFire NGIPS
  • Analysis of unknown threat files in ~5-30 minutes with ThreatGRID
  • Remediation across the enterprise with EnCase Cybersecurity
The business value and benefits are immediate and lasting. Our combined approach:

  • Decreases the time between detection and remediation
  • Increases the productivity and efficiency of security professionals to manage threats
  • Reduces risks and associated costs by lowering the exposure to related breaches
  • Increases the accuracy of malware analysis and threat intelligence.
We invite you to come see a live demonstration of this integration in action at Black Hat 2014. The demonstration will be held at 1:50 p.m. on Thursday, August 7 in the Guidance Software theater in booth #1141. Security experts will be on hand to answer your questions and discuss how you can improve your breach detection, conduct efficient threat analysis, and complete rapid, enterprise-wide remediation. See you there!

Jessica Bair, EnCE, EnCEP
Sr. Manager, Business Development
Advanced Threat Solutions - Cisco Security Group