By Bob Gourley
April 19, 2014 02:36 PM EDT
The following are some key technology considerations from an enterprise technology perspective:
- Over the years, CIOs, CTOs, CISOs and world-class cyber defense professionals have collaborated on the topic of best practices. These take the form of things like the NIST-coordinated Special Publication 800-53 or the SANS-coordinated 20 Critical Controls. Many other best practices exist for different domains of industry; for example, the credit card industry enforces PCI guidance. But in every case, following all controls and sticking with best practices never eliminates the threat. When a sophisticated adversary wants to breach your perimeter, they get in. Technologies are needed that help in defense but, more importantly, help mitigate and remove malicious capabilities, since adversaries will get through.
- The controls mentioned above do lay a nice foundation for what is needed (to borrow a phrase from military strategy, these are “necessary but not sufficient” for success). Most enterprises now use a collection of enterprise security capabilities to help execute their defense-in-depth strategies, and these provide capabilities for the controls mentioned above. For a technology to make a positive difference in this domain, it must have a proven ability to work with the many existing enterprise security technologies and controls. Integration of the data from existing capabilities is a key need.
- When adversaries attack and get in, it can take a long time before they are discovered. Analysis provided in the 2013 Verizon Data Breach Investigations Report underscores that in the typical attack timeline an adversary gets into the enterprise fast but then remains undetected for months. When detected, it takes weeks or months for a well-resourced, highly trained incident response team to mitigate the attack. Technologies are required that change this timeline in the defender's favor. When adversaries get in, tools are needed to rapidly spot them, and their actions, artifacts and malicious toolkits need to be removed at machine speed, before they have time to extract data.
- Attacks are expensive. A typical incident will cost millions of dollars to respond to. Smart integration of technologies, analysis of data from the enterprise, and removal of threat capabilities before data is exfiltrated can save millions by preventing adversary success, and can also improve enterprise functionality.
Requirements like those above drove the design and development of HawkEye-G by Hexis. HawkEye-G is a solution that builds on defense in depth, builds on rapid, real-time big data analysis, works well with all other enterprise technologies, provides policy-based, configurable automated threat response and removal capabilities, and helps incident response teams do their jobs more quickly.