==================================================
Attivo Solutions Brief Series
© 2014 Attivo Networks. All rights reserved.
www.attivonetworks.com
Finding the “real” alerts
Threat of Cyberattacks Hits Record Level
The threat of cyberattacks has hit its highest level since records began in
May 2000, and cybercrime is now a global network that is “mature, far-reaching,
well-funded, and highly effective as a business operation,” according to
Cisco’s Annual Security Report. Cisco also found a 14% increase in total alerts
year-over-year, along with a significant increase in new alerts (which averaged
from 55% to 65% of total alerts) as opposed to update alerts, as security
experts begin to track the lifecycle of an event. Here are a few of the
contributing factors, according to Cisco:
• Advanced mobile devices come with unanticipated weaknesses against malware infections.
• Cyber criminals are increasingly targeting Internet infrastructures.
• Organized cybercrime is getting, well, more organized, with more fine-tuned motivations: public vs. private sector, financial rewards vs. inflicting damage on reputations.
• A test on 30 of the world’s largest Fortune 500 companies found that 100% were fooled into visiting “booby-trapped” websites—opening the door to invite malware infections back into the corporate network.
Finding the “real” alerts
The sheer volume of alerts generated by all the different
attack detection devices deployed throughout an organization’s environment
often overwhelms cyber security teams. Searching for the one true threat in the
mountains of false positives can be daunting.
Failing to recognize the real threat can have disastrous
results:
• Network outage (causing loss of revenue and productivity)
• Loss of valuable customer information (credit and debit card data, email addresses, patient health care information, etc.)
• Loss of intellectual property (anywhere from legal documents to the actual “secret sauce” recipe, etc.)
• Loss of jobs for IT personnel and CISOs
Take Target, for example: its security team received alerts on the attack
targeting their payment systems long before any credit card information was
extracted, and it took Target 19 days to stop the attack. For the Neiman Marcus
security breach, there were over 60,000 alerts that their security experts had
to carefully sift through. Let’s see how long it would take a team of 10
security experts working 24/7 to investigate:
• 60,000 alerts
• 5 minutes on average per alert
• 10 dedicated security people working
• 7 days a week, 24 hours a day
• Answer = 21 days to resolve all 60,000 alerts!
And that’s assuming they did nothing else but investigate and dispose of these
alerts, and that no other alerts came in while they were working on them.
==================================================