Attivo Solutions Brief Series
© 2014 Attivo Networks. All rights reserved. www.attivonetworks.com
Finding the “real” alerts
Threat of Cyberattacks Hits Record Level
The threat of cyberattacks has hit its highest level since records began in May 2000, and cybercrime is now a global network that is “mature, far-reaching, well-funded, and highly effective as a business operation,” according to Cisco’s Annual Security Report. Cisco also found a 14% increase in total alerts year-over-year, along with a significant increase in new alerts (which averaged from 55% to 65% of total alerts), as opposed to update alerts, as security experts begin to track the lifecycle of an event. Here are a few of the contributing factors, according to Cisco:
Advanced mobile devices come with unanticipated weaknesses against malware infections.
Cyber criminals are increasingly targeting Internet infrastructures.
Organized cybercrime is getting, well, more organized, with more fine-tuned motivations: public vs. private sector, financial rewards vs. inflicting damage on reputations.
A test on 30 of the world’s largest Fortune 500 companies found that 100% were fooled into visiting “booby-trapped” websites—opening the door to invite malware infections back into the corporate network.
Finding the “real” alerts
The sheer volume of alerts generated by all the different attack detection devices deployed throughout an organization’s environment often overwhelms cyber security teams. Searching for the one true threat in the mountains of false positives can be daunting.
Failing to recognize the real threat can have disastrous results:
Network outage (causing loss of revenue and productivity)
Loss of valuable customer information (credit and debit card data, email addresses, patient health care information, etc.)
Loss of intellectual property (anything from legal documents to the actual “secret sauce” recipe, etc.)
Loss of jobs for IT personnel and CISOs
Take Target, for example: its security team received alerts on the attack targeting its payment systems long before any credit card information was extracted, and it still took Target 19 days to stop the attack. For the Neiman Marcus security breach, there were over 60,000 alerts that their security experts had to carefully sift through. Let’s see how long it would take a team of 10 security experts working 24/7 to investigate:
5 minutes on average per alert
10 dedicated security people working
7 days a week, 24 hours a day
Answer = 21 days to resolve all 60,000 alerts! And that’s assuming they did nothing else but investigate and dispose of these alerts, and that no other alerts came in while they were working on these.