Browsing category


Advanced Persistent Threat (APT), Analytics, Artificial intelligence, Big Data, Data Management, insider threats, Internet of Things (IoT), Machine Learning, Security Analytics, Security Intelligence & Analytics, Security Training, Threat Detection, Threat Intelligence, User Behavior Analytics (UBA),

Stay Ahead of the Growing Security Analytics Market With These Best Practices

As breach rates climb and threat actors continue to evolve their techniques, many IT security teams are turning to new tools in the fight against corporate cybercrime. The proliferation of internet of things (IoT) devices, network services and other technologies in the enterprise has expanded the attack surface every year and will continue to do so. This evolving landscape is prompting organizations to seek out new ways of defending critical assets and gathering threat intelligence.

The Security Analytics Market Is Poised for Massive Growth

Enter security analytics, which mixes threat intelligence with big data capabilities to help detect, analyze and mitigate targeted attacks and persistent threats from outside actors as well as those already inside corporate walls.

“It’s no longer enough to protect against outside attacks with perimeter-based cybersecurity solutions,” said Hani Mustafa, CEO and co-founder of Jazz Networks. “Cybersecurity tools that blend user behavior analytics (UBA), machine learning and data visibility will help security professionals contextualize data and demystify human behavior, allowing them to predict, prevent and protect against insider threats.”

Security analytics can also provide information about attempted breaches from outside sources. Analytics tools work together with existing network defenses and strategies and offer a deeper view into suspicious activity, which could be missed or overlooked for long periods due to the massive amount of superfluous data collected each day.

Indeed, more security teams are seeing the value of analytics as the market appears poised for massive growth. According to Global Market Insights, the security analytics market was valued at more than $2 billion in 2015, and it is estimated to grow by more than 26 percent over the coming years — exceeding $8 billion by 2023. ABI Research put that figure even higher, estimating that the need for these tools will drive the security analytics market toward a revenue of $12 billion by 2024.

Why Are Security Managers Turning to Analytics?

For most security managers, investment in analytics tools represents a way to fill the need for more real-time, actionable information that plays a role in a layered, robust security strategy. Filtering out important information from the massive amounts of data that enterprises deal with daily is a primary goal for many leaders. Businesses are using these tools for many use cases, including analyzing user behavior, examining network traffic, detecting insider threats, uncovering lost data, and reviewing user roles and permissions.

“There has been a shift in cybersecurity analytics tooling over the past several years,” said Ray McKenzie, founder and managing director of Red Beach Advisors. “Companies initially were fine with weekly or biweekly security log analytics and threat identification. This has morphed to real-time analytics and tooling to support vulnerability awareness.”

Another reason for analytics is to gain better insight into the areas that are most at risk within an IT environment. But in efforts to cull important information from a wide variety of potential threats, these tools also present challenges to the teams using them.

“The technology can also cause alert fatigue,” said Simon Whitburn, global senior vice president, cybersecurity services at Nominet. “Effective analytics tools should have the ability to reduce false positives while analyzing data in real-time to pinpoint and eradicate malicious activity quickly. At the end of the day, the key is having access to actionable threat intelligence.”

Personalization Is Paramount

Obtaining actionable threat intelligence means configuring these tools with your unique business needs in mind.

“There is no ‘plug and play’ solution in the security analytics space,” said Liviu Arsene, senior cybersecurity analyst at Bitdefender. “Instead, the best way forward for organizations is to identify and deploy the analytics tools that best fits an organization’s needs.”

When evaluating security analytics tools, consider the company’s size and the complexity of the challenges the business hopes to address. Organizations that use analytics may need to include features such as deployment models, scope and depth of analysis, forensics, and monitoring, reporting and visualization. Others may have simpler needs with minimal overhead and a smaller focus on forensics and advanced persistent threats (APTs).

“While there is no single analytics tool that works for all organizations, it’s important for organizations to fully understand the features they need for their infrastructure,” said Arsene.

Best Practices for Researching and Deploying Analytics Solutions

Once you have established your organization’s needs and goals for investing in security analytics, there are other important considerations to keep in mind.

Emphasize Employee Training

Chief information security officers (CISOs) and security managers must ensure that their staffs are prepared to use the tools at the outset of deployment. Training employees on how to make sense of information among the noise of alerts is critical.

“Staff need to be trained to understand the results being generated, what is important, what is not and how to respond,” said Steve Tcherchian, CISO at XYPRO Technology Corporation.

Look for Tools That Can Change With the Threat Landscape

Security experts know that criminals are always one step ahead of technology and tools and that the threat landscape is always evolving. It’s essential to invest in tools that can handle relevant data needs now, but also down the line in several years. In other words, the solutions must evolve alongside the techniques and methodologies of threat actors.

“If the security tools an organization uses remain stagnant in their programming and update schedule, more vulnerabilities will be exposed through other approaches,” said Victor Congionti of Proven Data.

Understand That Analytics Is Only a Supplement to Your Team

Analytics tools are by no means a replacement for your security staff. Having analysts who can understand and interpret data is necessary to get the most out of these solutions.

Be Mindful of the Limitations of Security Analytics

Armed with security analytics tools, organizations can benefit from big data capabilities to analyze data and enhance detection with proactive alerts about potential malicious activity. However, analytics tools have their limitations, and enterprises that invest must evaluate and deploy these tools with their unique business needs in mind. The data obtained from analytics requires context, and trained staff need to understand how to make sense of important alerts among the noise.

The post Stay Ahead of the Growing Security Analytics Market With These Best Practices appeared first on Security Intelligence.

This post appeared first on Security Intelligence
Author: Joan Goodchild

Analytics, Chief Information Security Officer (CISO), CISO, Collaboration, Cybercrime, Cybersecurity Jobs, Fraud Detection, Security Intelligence & Analytics, Security Operations Center (SOC), Security Professionals, Skills Gap, Threat Intelligence, Threat Sharing,

Achieve Community Immunity With Security Data Integration

Security is a team sport. Both threat actors and cybersecurity professionals are teaming up and collaborating in greater numbers than ever. In fact, a United Nations study found that crime rings that regularly share information drive around 80 percent of cyberattacks. The dark web has become the standard platform to share security data, as well as an effective marketplace to monetize cybercrime activities.

On the defensive side, mature security programs are developing approaches to integrate different teams. According to The New York Times, some companies are even building fusion centers where employees from a range of backgrounds — from fraud detection to forensic analysis to customer service — work together to fight threats. Motivated by the demand from customers, IBM Security built a cyber range and a mobile Cyber Tactical Operations Center (C-TOC) to help battle-test security teams with crisis simulations.

How Can Cybersecurity Professionals Foster More Collaboration?

While many organizations are using the Department of Homeland Security (DHS)’s fusion centers as a model to foster collaboration among teams, the vast majority of companies are facing a skills shortage. According to ISACA, 27 percent of U.S. enterprises are unable to fill open roles for cybersecurity professionals. Given this challenge, how can enterprises promote collaboration and, more importantly, use it to drive better security outcomes?

When considering how to prevent cybercrime, it’s critical to break down barriers to collaboration. It’s time for us to learn from each other, and not reinvent the wheel when it is already working for someone else. We must use the spirit of community to inoculate ourselves against threats and gain long-term immunity. The human race has conquered many deadly diseases, such as smallpox and polio, through community immunity — so why not bring this concept to cybersecurity?

Here are three ways to foster collaboration among teams and achieve community immunity with the help of a security data integration platform:

1. Gain a Global Perspective

We should be able to leverage insights from our peers to enrich our own decision-making. One way to do this is by using a threat score or another normalized method of sharing threat intelligence. Threat sharing should always be anonymous to protect the privacy and security of enterprises and individuals. Threat intelligence should also be specific, whether at the regional or industry level, to make it relevant and actionable.

2. Reduce Blind Spots

Threat intelligence is just one part of security. Analysts need visibility into many other areas, such as database vulnerabilities and fraud analytics. Having a single, collaborative platform to share this security data allows other analysts and researchers to build on and refine the information and, in turn, share improved data with the security community.

3. Generate Personalized Recommendations

The power of global analytics is in leveraging the learnings from a broader environment and making them relevant to us. We often see this approach in retail, where websites recommend a product based on your purchase history or user profile. In security, a recommendation engine that proactively surfaces improvements to your existing program or tips to fine-tune your deployments can be incredibly useful. In addition, as customers move toward purchasing micro-apps and services and when they need them, a recommendation engine can proactively suggest solutions so analysts can stay ahead of threats and leverage the latest innovations available to them.

Don’t Go It Alone

So, how will you build your team? If anything is certain about today’s evolving cyberthreat landscape, it’s that you can’t go it alone. By fostering relationships with peers, improving visibility into databases and vulnerabilities, and investing in systems that generate personalized recommendations, security leaders can launch a more coordinated and collaborative counterattack in the ongoing battle against cybercrime.

The post Achieve Community Immunity With Security Data Integration appeared first on Security Intelligence.

This post appeared first on Security Intelligence
Author: Sumukh Tendulkar

Analytics, Artificial intelligence, Artificial Intelligence (AI), Automation, Chief Information Security Officer (CISO), CISO, Cybersecurity Jobs, Security Leader, Security Leadership, Security Professionals, Security Strategy, Skills Gap,

Soft Skills, Solid Benefits: Cybersecurity Staffing Shifts Gears to Bring in New Skill Sets

With millions of unfilled cybersecurity jobs and security experts in high demand, chief information security officers (CISOs) are starting to think outside the box to bridge the skills gap. Already, initiatives such as outsourced support and systems automation are making inroads to reduce IT stress and improve efficiency — but they’re not enough to drive long-term success.

Enter the next frontier for forward-thinking technology executives: Soft skills.

How Important Are Soft Skills in the Enterprise?

Soft skills stem from personality traits and characteristics. Common examples include excellent communication, above-average empathy and the ability to demystify tech jargon, as opposed to the certifications and degrees associated with traditional IT skills.

Historically, IT organizations have prioritized harder skills over their softer counterparts — what good is empathy in solving storage problems or improving server uptime? However, as noted by Forbes, recent Google data revealed measurable benefits when teams contain a mix of hard and soft skills. The search giant found that the “highest-performing teams were interdisciplinary groups that benefited heavily from employees who brought strong soft skills to the collaborative process.”

How Can Companies Quantify Qualitative Skill Sets?

Soft skills drive value, but how can organizations quantify qualitative characteristics? Which skill sets offer the greatest value for corporate objectives?

When it comes to prioritization, your mileage may vary; depending on the nature and complexity of IT projects, different skills provide different value. For example, long-term projects that require cross-departmental collaboration could benefit from highly communicative IT experts, while quick-turnaround mobile application developments may require creative thinking to identify potential security weaknesses.

According to Tripwire, there is some industry consensus on the most sought-after skills: Analytical thinking tops the list at 65 percent, followed by good communication (60 percent), troubleshooting (59 percent) and strong ethical behavior (58 percent). CIO calls out skills such as in-house customer service, a collaborative mindset and emotional intelligence.

Start Your Search for Soft Cybersecurity Skills

The rise of soft skills isn’t happening in a vacuum. As noted by a recent Capgemini study, “The talent gap in soft digital skills is more pronounced than in hard digital skills,” with 51 percent of companies citing a lack of hard digital skills and 59 percent pointing to a need for softer skill sets. CISOs must strive to create hiring practices that seek out soft-skilled applicants and a corporate culture that makes the best use of these skills.

When it comes to hiring, start by identifying a shortlist of skills that would benefit IT projects — these might include above-average communication, emotional aptitude or adaptability — then recruit with these skills in mind. This might mean tapping new collar candidates who lack formal certifications but have the drive and determination to work in cybersecurity. It also means designing an interview process that focuses on staff interaction and the ability of prospective employees to recognize and manage interpersonal conflict.

It’s also critical to create a plan for long-term retention. Enterprises must create IT environments that maximize employee autonomy and give staff the ability to implement real change. Just like hard skills, if soft skills aren’t used regularly they can decay over time — and employees won’t wait around if companies aren’t willing to change.

Cultivate Relationships Between Humans and Hardware

Just as IT certifications are adapting to meet the demands of new software, hardware and infrastructure, soft skills are also changing as technology evolves. Consider the rise of artificial intelligence (AI): Often portrayed positively as a key component of automated processes and negatively as an IT job stealer, there’s an emerging need for IT skills that streamline AI interaction and fill in critical performance gaps.

As noted by HR Technologist, tasks that require emotional intelligence are naturally resistant to AI. These include everything from delivering boardroom presentations to analyzing qualitative user feedback or assisting staff with cybersecurity concerns. Here, the human nature of soft skills provides their core value: Over time, these skills will set employees apart from their peers and organizations apart from the competition. Enterprises must also court professionals capable of communicating with AI tools and human colleagues with equal facility. These soft-centric characteristics position new collar employees as the bridge between new technologies and existing stakeholder expectations.

It’s Time to Prioritize Softer Skill Sets

There’s obviously solid value in soft skills — according to a study from the University of Michigan, these skills offer a 256 percent return on investment (ROI). For CISOs, the message is clear: It’s time to prioritize softer skill sets, re-evaluate hiring and recruitment practices, and prepare for a future where the hard skills of AI-enhanced technology require a soft balance to drive cybersecurity success.

The post Soft Skills, Solid Benefits: Cybersecurity Staffing Shifts Gears to Bring in New Skill Sets appeared first on Security Intelligence.

This post appeared first on Security Intelligence
Author: Douglas Bonderud