Watch On-Demand: How to Prepare for GDPR


GDPR, or General Data Privacy Regulation, will come into force on 25 May 2018. GDPR requires organizations to maintain a plan to detect data breaches, regularly evaluate the effectiveness of security practices, and document evidence of compliance. If you don’t already have the required security tools and controls in place, your organization will need to start planning now to achieve compliance and mitigate the risk of high fines for failing to comply.

In this webcast, AlienVault CISO John McLeod provides insights into how AlienVault has approached the GDPR compliance process internally, along with how the Unified Security Management® (USM) platform can help accelerate and simplify your path to compliance.

Watch this on-demand webcast now, and learn:

  • Best practices for approaching GDPR compliance
  • How to assess your level of readiness and build your roadmap to compliance
  • How a unified security toolset can both expedite and simplify this process

They’ll also provide a brief demo of the USM platform to illustrate some of the technical controls you need in place TODAY for compliance.


GDPR, HIPAA, PCI, Etc.

Looking for a better way to address threat management and compliance? By working with a professional security services organization and a SIEM like AlienVault®, you will have a better way to detect threats.

Virtually every regulatory mandate requires some form of log management to maintain an audit trail of activity. By utilizing a SIEM, Cybriant provides a mechanism to rapidly and easily deploy a log collection infrastructure that directly supports this requirement. Ticketing and alerting capabilities also satisfy routine log data review requirements.

Get more value out of your SIEM while meeting compliance regulations – find out more about Cybriant Managed SIEM with Security Monitoring: https://www.cybriant.com/managed-siem/


Legal Industry still playing catch up in Cybersecurity


The legal industry is not necessarily the most prepared when it comes to cybersecurity, according to a new report. ALM Intelligence shows over the last three years:

  • 2015: Law firms and law departments were far behind the curve when it came to cybersecurity preparation and response.
  • 2016: Law firms were playing catch-up, and things were improving slightly as law departments were being held accountable for cyber attacks in their organizations.
  • 2017: This year’s research is showing that “the state of law firm and law department cybersecurity is still fractured: many continue to struggle with managing cyber threats.”

Clients have become more demanding. 82% of law firm respondents said that their clients are requiring them to upgrade their cybersecurity capabilities.

Why hackers target law firms

While the reasons may seem obvious, especially when it comes to high-profile corporate firms, here are three reasons why hackers target law firms:

  1. Large firms, especially those with over 100 lawyers, are targets because of the availability of large quantities of valuable and quality documents. By targeting law firms, they can quickly access such information as technical secrets, business strategies, and financial data for numerous clients.
  2. By handling the important information, law firms provide a quick detour around information of little value. The information that attorneys have access to is the high-value information, which is more selective and valuable to hackers. By skipping the corporation and targeting their law firm, they more easily access the high-value data.
  3. Data security hasn’t traditionally been a priority at law firms. Larger law firms move at a fast pace and need access to information quickly. This means law firms may have sloppy or no data security practices in place.

What can be done

  • Get the lawyers on board
  • Compliance is not security
    • While certain cybersecurity tools will help you check off the necessary compliance audit questions, it doesn’t necessarily mean that you are secure. On the other hand, having a strong security foundation will help you ensure and simplify compliance.
  • Find vulnerabilities…and patch them
  • Protect those endpoints
  • Monitor, monitor, monitor
    • By using a SIEM (Security Information and Event Management) tool, you pull all the networks and systems together to create a complete picture of your infrastructure. And by having a dedicated team of experts to monitor that SIEM, you will be protected around the clock.

Find out more about PREtect – 5 essential cyber risk management services. 

Getting More Value out of your SIEM


Security information and event management, or SIEM, is designed to provide the complete security visibility organizations need to detect threats, respond to incidents, and accelerate their compliance programs. SIEM software works by aggregating security-relevant data from your environment, and applying event correlation rules to identify relationships among those data. These event correlation rules (also known as policies or filters) help you identify patterns that signal threats, policy violations, and other exposures.

Although the primary budget driver for SIEM software is compliance, the primary way that SIEM software is used is to identify and investigate security incidents. Spotting attacks in real-time, or soon after, requires a combination of data sources, as well as the latest threat intelligence from experienced security researchers, such as Cybriant.

SIEM Requires Expertise

Once you have made the decision regarding your SIEM purchase, a key challenge is the skilled use of your SIEM tool. If you do not have the knowledge or expertise to utilize a SIEM correctly, your SIEM may not work optimally. We’ve heard complaints about an organization’s SIEM when the cause may be the way it was implemented or managed on a daily basis.

To work at peak performance, your SIEM needs continuous visibility, which could be more of an investment in time than your organization may be ready for. Our Managed Security service offers:

  • Real-time monitoring
  • Active event and incident correlation
  • Strategic Incident Response
  • Remediation Services

By moving the monitoring of your SIEM to an outside vendor like Cybriant, you will be able to expand your IT staff with security experts whose entire focus is security and compliance. This team will allocate time on a daily basis to effectively manage and monitor security infrastructure. We’ve already mastered all the capabilities needed to take full advantage of your SIEM implementation, so let us take it over for you. We’ll continuously monitor, tune, and enhance your SIEM.

Most People Struggle with SIEM

We recently discussed that the average organization logs about 1,200 IT incidents per month, of which 5 will be critical. It is a challenge to wade through all the data generated by the events that lead to these incidents and prioritize dealing with them. In this survey, 70% say a past critical incident has caused reputational damage to their organization, underlining the importance of timely detection to minimize impact.

Dealing with the volume of events generated by IT monitoring tools is a challenge.

52% say they just about manage, 13% struggle, and 1% are overwhelmed. Those with event management processes which enable them to easily manage the volume of events have a faster mean time to detect incidents and fewer duplicate and repeat incidents.

Two-thirds of those surveyed admit that dealing with the volume of events generated is a problem. Dealing with incidents distracts IT staff from other activities; beyond the IT department incidents impact business productivity and the customer experience.


State of the (Cybersecurity) Union


The state of the cybersecurity union today is that all businesses – large or small – should assume the worst and prepare for cybersecurity attacks. It may be impossible to prepare for every potential attack, but you can create a foundation of security throughout your entire organization. Workforces are expanding and using more connected devices, which makes it even more difficult to maintain a human defense firewall.

According to a recent EY survey, many companies may not be as prepared as they would like to be. In fact:

  • 87% of respondents say they need up to 50% more cybersecurity budget
  • 48% do not have a Security Operation Center, even though they are becoming increasingly common.
  • 17% of boards have sufficient cybersecurity knowledge for effective oversight of cyber risks.
  • 12% feel it is very likely they would detect a sophisticated cyber attack.
  • 57% do not have, or only have an informal, threat intelligence program.
  • 89% say their cybersecurity function does not fully meet their organization’s needs.

Let’s talk about your threat surface

Phishing: You know that nation-states and terrorist groups are constantly out to get us. But have you considered a poor decision made by an employee who thought a phishing email was an actual email? We discussed recently that insider threats are the top threat to organizations. 1 in 131 emails contains malware and over 4,000 ransomware attacks occur daily.

Poor Patch Management: You might have heard about the infamous Equifax breach of 2017. That could have been prevented with a simple patch. 45% of companies are not using a dedicated patch management solution to distribute and manage software updates.

Vulnerabilities: 85% of successful hacks use the top 10 known exploits (meaning the companies did nothing about known vulnerabilities in their system). 8,000 vulnerabilities a year were disclosed over the past decade. It’s tough for an IT department to keep up with all of those. Gartner argues that the biggest threats are not the ones that risk causing the most damage to you, but simply the vulnerabilities in your organization’s environment that are being actively exploited “in the wild.”

Mobile Cyber Attacks: In Q1 of 2017 alone, mobile ransomware attacks increased by 253%. And 66% of security professionals doubt their organization can prevent a breach of employees’ devices. For hackers, phishing is easy. And profitable. The average phishing attack costs a mid-sized company $1.6 million.

No Security Monitoring: Do you know the threats that are coming into your network? 81% of data breach victims do not have a system in place to self-detect data breaches. Another issue may be that you have a tool in place to detect security incidents, but do you have the expertise on staff to know how to detect and remediate those incidents?


HAWK Network Defense Announces Partnership with Cybriant


Today, HAWK Network Defense announces a partnership with Cybriant to provide cyber-risk management services to support the growing HAWK.io customer base. HAWK.io is the industry’s first cloud-based, multi-tenant big data security analytics (BDSA) platform. Cybriant’s Incident Response service and skilled professionals help organizations reduce the chance of incidents escalating into a crisis. Together HAWK and Cybriant bring real-time security analytics and professional support services in a cloud-based offering.

As the market moves to the cloud, the focus for cybersecurity services organizations shifts away from traditional reselling and implementation of security software and hardware and turns to services focused on incident monitoring, response, and management for clients. Organizations making strategic decisions to embrace cloud-based IT services and transition away from on-premise solutions are faced with a decision: go with the standardized services of a traditional MSSP, or select a multitenant, cloud-based BDSA solution such as HAWK.io where they get a customized user experience. For the customer, this partnership with Cybriant fills the gap between incident detection and incident response with trained security professionals monitoring, researching and managing incidents with the customer to mitigate risk.

With HAWK.io, each subscriber individually benefits from HAWK.io’s patented artificial intelligence and security analytics technology to provide the most accurate real-time detection, validation, and prioritization of true security incidents. HAWK.io’s analytics engines deliver highly reliable security incidents to Cybriant’s experienced security professionals, providing greater efficiency and effectiveness in responding to and mitigating threats to customers’ systems and data. Cybriant’s services will include customer onboarding to HAWK.io, as well as consulting and incident response/management services.

“Managing cyber incidents successfully requires two things – the right technology and the right expertise. Hawk.io provides in-depth analytics that can filter the noise of level 1 alerts enabling our analysts to identify real threats faster,” said Bill Brown, SVP of Cybriant. “Combining the Hawk.io technology with Cybriant’s 24×7 security monitoring creates a more effective team of incident responders which makes our clients more secure.”

“The combination of HAWK.io’s highly accurate analytics and Cybriant’s prowess in cybersecurity incident response services is a powerful solution for customers who are looking for comprehensive cloud-based cyber risk mitigation. HAWK.io automates the triage of security incidents effectively, allowing Cybriant’s experienced security experts to focus on mitigating the most critical risks first,” says David Harris, CEO of HAWK Network Defense.

For more information, contact:
Reed Harrison
HAWK Network Defense, Inc.
http://www.hawkdefense.com
rharrison(at)hawkdefense(dot)com

About Cybriant
Cybriant assists companies in making informed business decisions and sustaining operational effectiveness in the design, implementation, and management of their cybersecurity programs. We deliver a comprehensive and customizable set of strategic and adaptive cybersecurity services which address the entire security landscape. These services include assessment and planning, testing and hunting, SIEM management and security monitoring, perimeter and endpoint protection, and secure cloud networking. Cybriant also delivers support services for the secure maintenance, relocation, and disposition of physical and data assets. We make enterprise-grade cyber security services accessible to the Mid-Market and beyond. For more information, go to https://www.cybriant.com

About Hawk.io
HAWK Defense offers HAWK.io, the first true multi-tenant, cloud-based BDSA platform that provides leading-edge BDSA functionality for an affordable subscription-based pricing model. HAWK.io is designed for fast and simple onboarding of users and devices, helping customers avoid lengthy, expensive deployments and resulting in rapid time-to-value.

HAWK.io™ provides an innovative Big Data Security Analytics (BDSA) platform that allows enterprises to identify, validate and prioritize true security incidents. HAWK.io is the natural evolution of legacy SIEM to Big Data Analytics. The cloud-based solution features a massively scalable architecture that delivers high-speed data ingestion and a highly efficient patented analytics engine. HAWK.io customers benefit from rapid installation and setup times, simple administration, out-of-the-box analytics, and dynamic threat intelligence feeds. Learn more about HAWK.io at http://www.hawk.io or by visiting the company on Twitter and LinkedIn.