Cyber Threat Visibility: Which threats should defenders be looking for?

Written by Sarah Chandley on Monday, 03 December 2018. Posted in Cyber

A network security team can only fight what it can see. An organisation’s network security depends on its ability to rapidly detect and respond to emerging threats across its infrastructure, whether that is a Tier 1 Operator, Enterprise or Cloud Provider. However, attack methods and strategies are constantly evolving, making threat detection an always-moving target. A good base to start from is understanding what types of threat may be lurking in your network; these threats look very different depending on the throughput of network traffic.

Effective cyber threat visibility starts with real-time network security monitoring and behavioural analysis, which give system analysts a single pane of glass through which to determine which threats pose the most risk and which do not. For instance, an SME’s cyber security strategy is very different from that of a Tier 1 Operator: an SME’s strategy will look to detect threats such as keyloggers, phishing e-mails and spam, whereas a Tier 1 Operator’s biggest concerns may be a high-volume DDoS attack or cryptojacking.

Telesoft’s CTO Martin Rudd has put together a threat calculator based on the type and size of your network, so you can see the types of modern cyber threat that pose a risk to your organisation’s network security. He developed this concept from his research in Big Data Analytics, Network Visibility & Analytics and NetFlow Probe product development.

The scale of the challenge facing defenders is observable in the ever-increasing number of breaches and security incidents. It’s there in the amount of spending on cyber security tools and annual budgetary increases to protect vital assets. It’s there when names like WannaCry and Wypr become part of popular culture and Stuxnet gets the documentary treatment from an Oscar-winning director. Those hit with an attack face many losses, such as financial hits from the attack itself or from fines; they can also quickly lose the trust of the market, forfeit a good proportion of their reputation for poor management, and see the overall value of their brand drop.

As part of this project we wanted to include the perspective of those with expert knowledge, so we asked a couple of top cyber security experts for their thoughts on the evolution of threat detection and what that means for IT security professionals.

“More than anything, the overall maturity of a large organization's InfoSec program dictates how proactive they are, or can be, in stopping identified threats. This has a lot to do with their level of visibility into their own IT environment and their ability to react quickly to incoming attacks — specifically comprehensively deploying patches against newly published vulnerabilities. From my experience, it seems on the average most everyone is being pushed to steadily improve year after year. What’s been most interesting is that in my experience, a year or more after a large organization is breached, they tend to become far more secure than the average.” Jeremiah Grossman, CEO Bit Discovery and Professional Hacker (@jeremiahg)

“Companies are investing in strategies to stop attacks at various points before an attacker can obtain his or her objective. Phishing, malware, and other attacks are prevented as best as possible with filtering, endpoint protection, and training, but even the best defense will still result in some attackers getting in. That is why companies deploy other technologies and services to monitor systems and networks and detect anomalies.

Furthermore, watching the pulse of today’s enterprise requires monitoring systems to extend across the enterprise’s myriad platforms, from corporate networks to the cloud. Alerts from monitoring systems are often combined with automated and manual incident response activities designed to stop attackers from leveraging system access or stolen credentials in a data breach or other cybersecurity threat. Today’s CIOs, CISOs and CSOs know that it takes a 360-degree approach to detect today’s threats and robust incident response to stop cybercriminals from achieving their goals.” Eric Vanderburg, Cybersecurity, Privacy, and Tech Leader, Author, Consultant, and Speaker, VP (@evanderburg).

Follow Telesoft on social media to stay up-to-date with the latest cyber security news, whitepapers and blog posts. 

 

About the Author

Sarah Chandley

Sarah is an experienced B2B technology marketing professional, creating content for the Cyber Security, Telco and Government Infrastructure sectors. 
