Attackers Are in Your Network: Leverage Big Data to Get Them Out

Lancope
Last updated: 2015/07/29 at 8:00 AM

In a survey by the SANS Institute, 55 percent of respondents said that up to 30 percent of their security incidents this year should have been detected by perimeter security measures but weren’t. The truth is that today’s attackers have become skilled at bypassing conventional defenses, which can no longer be solely counted on to protect enterprise networks. While still necessary, these tools now need to be bolstered by more advanced defensive strategies that are more closely aligned with the advanced techniques being used by attackers.

Protection from the Inside Out

Various terms have been applied to the concept, but on a basic level, organizations need to stop looking only at the outside of their network and instead investigate what is going on inside in order to truly protect their critical assets and data. We’ve established that attackers are easily infiltrating today’s networks – and according to the Ponemon Institute, malicious attacks take an average of 80 days to discover and 123 days to resolve. This timeline is way too long if we wish to keep confidential and proprietary data out of the hands of attackers.

While tools like SIEM and full packet capture can provide slices of visibility into the network, their scope is limited and they can be extremely time-consuming and cost-prohibitive if widely deployed. The best way to obtain comprehensive network visibility is by leveraging existing resources – or, as Cisco calls it, using your “Network as a Sensor.”

Routers, switches, firewalls and other network infrastructure devices inherently provide data on all transactions happening across a network via a protocol called NetFlow (as well as several NetFlow variants). Organizations can unlock the power of NetFlow by simply enabling it, and then collecting and analyzing it with a flow monitoring tool such as Lancope’s StealthWatch System.

From Big Data to Actionable Intelligence

When fully leveraged, NetFlow data can reveal countless valuable details about your network assets and behavior – who is talking to whom, how much traffic is being transmitted, which devices and applications are being used, etc. It’s essentially Big Data for your network. This data can be used to build a baseline of normal network communications, and then reveal when something looks suspicious. Having this type of in-depth insight into your daily network goings-on is critical for effective threat detection, incident response and post-incident forensic investigations.

Beyond providing visibility, some flow monitoring tools can also distill this plethora of data into streamlined intelligence, finding the security “needle in the haystack” and automatically alarming on significant events that may indicate a threat. This is a concept known as security analytics, or context-aware security analytics for tools that also pull in supplemental data such as user identity, security policies, device specifications, known threats and so on.

Context-aware security analytics combine various sources of data, run the data through algorithms and compare it to historical network traffic trends to trigger more accurate alarms. Basically, security analytics turn Big Data into actionable intelligence without the hundreds of false positives that can result from less sophisticated tools. Armed with this intelligence, organizations can more seamlessly fend off network attacks – no matter if it’s malware, APTs, insider threats or a DDoS attempt. All of these attack methods would be sensed by your network as potentially malicious communications.

For example, perhaps an insider is repeatedly trying to access restricted areas of your network. Or maybe unusually large amounts of data are being sent out of your network, or an internal host is communicating with a suspicious IP address in a foreign country. An effective network visibility and security analytics tool can pick up on these behaviors and alert administrators to investigate them further.
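
To make the baseline idea concrete, the Python below is an added example (not from the original article and not how StealthWatch or any other product works). It compares each internal host's outbound byte count for today with that host's own history and flags large deviations. The flow record layout, the 10.0.0.0/8 internal range, the thresholds and all function names are assumptions, and the flow records are constructed sample data.

```python
import ipaddress
import statistics
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address space
# Constructed flow records (day, src, dst, bytes); days 1-5 are history, day 6 is today.
FLOWS = [
    (d, "10.0.0.5", "203.0.113.10", b)
    for d, b in [(1, 40_000), (2, 52_000), (3, 47_000), (4, 45_000), (5, 50_000), (6, 9_800_000)]
] + [
    (d, "10.0.0.7", "198.51.100.20", b)
    for d, b in [(1, 300_000), (2, 280_000), (3, 310_000), (4, 295_000), (5, 305_000), (6, 320_000)]
] + [
    (6, "10.0.0.9", "192.0.2.44", 1_000),      # host with no history at all
    (6, "10.0.0.5", "10.0.0.7", 50_000_000),   # internal-to-internal, not egress
]

def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL

def daily_egress(flows):
    """Sum bytes per (internal source, day) for flows that leave the internal network."""
    totals = defaultdict(int)
    for day, src, dst, nbytes in flows:
        if is_internal(src) and not is_internal(dst):
            totals[(src, day)] += nbytes
    return totals

def egress_alerts(flows, today, threshold=3.0, min_days=3):
    """Compare each host's egress today against the baseline built from its earlier days."""
    history, current = defaultdict(list), {}
    for (host, day), nbytes in daily_egress(flows).items():
        if day < today:
            history[host].append(nbytes)
        elif day == today:
            current[host] = nbytes
    alerts = {}
    for host, nbytes in current.items():
        past = history[host]
        if len(past) < min_days:
            alerts[host] = "no-baseline"   # too little history to score; route to review
            continue
        mean = statistics.mean(past)
        # Floor the spread so a very steady host does not alarm on tiny changes.
        spread = max(statistics.stdev(past), 0.05 * mean, 1.0)
        if (nbytes - mean) / spread > threshold:
            alerts[host] = "egress-spike"
    return alerts

if __name__ == "__main__":
    print(egress_alerts(FLOWS, today=6))
```

The host with a steady 300 KB/day pattern stays quiet at 320 KB, while the host that jumps from roughly 47 KB/day to 9.8 MB is flagged; the large internal-to-internal transfer is ignored because it never leaves the network.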

Security Analytics for Automated Incident Response

In addition to more accurately detecting attacks, security analytics can save IT teams countless hours of manual investigation associated with using a variety of point solutions to piece together the details of an attack. This way, the incident response process can become more automated and efficient, thwarting attacks before they turn into large-scale data breaches that make news headlines.

“Security analytics is becoming the primary defensive tool we have for discovering when breaches have occurred and shutting them down before massive damage is inflicted,” said Richard Stiennon, cyber security expert and Chief Research Analyst for IT-Harvest. “The breaches at Target and Sony are great examples of what can happen to organizations that don’t do this.”

Many organizations that have recently been breached have hired a third party to come in after the breach and clean things up. However, this approach is not ideal because, well, the organization has already been breached, and since third-party incident responders know nothing about the organization’s environment, it takes them countless hours and dollars to gather intelligence and figure out what happened. On the flip side, if an organization is regularly monitoring and analyzing its own network data with the right tools, the security team is better equipped to pinpoint and stop an attack while it’s still happening – avoiding the disastrous results and costs associated with a breach.

No matter what you call it, the intelligent use of network data will become even more critical for security as organizations dive into new infrastructure projects such as cloud, SDN, IoT and BYOD. By enabling your network to be a security sensor, you can continue to detect a wide range of attack types regardless of how your architecture evolves. 
