Attackers Are in Your Network: Leverage Big Data to Get Them Out

Lancope
Last updated: 2015/07/29 at 8:00 AM

In a survey by the SANS Institute, 55 percent of respondents said that up to 30 percent of their security incidents this year should have been detected by perimeter security measures but weren’t. The truth is that today’s attackers have become skilled at bypassing conventional defenses, which can no longer be solely counted on to protect enterprise networks. While still necessary, these tools now need to be bolstered by more advanced defensive strategies that are more closely aligned with the advanced techniques being used by attackers.

Protection from the Inside Out

Various terms have been applied to the concept, but on a basic level, organizations need to stop looking only at the outside of their network and instead investigate what is going on inside in order to truly protect their critical assets and data. We’ve established that attackers are easily infiltrating today’s networks – and according to the Ponemon Institute, malicious attacks take an average of 80 days to discover and 123 days to resolve. This timeline is way too long if we wish to keep confidential and proprietary data out of the hands of attackers.

While tools like SIEM and full packet capture can provide slices of visibility into the network, their scope is limited and they can be extremely time-consuming and cost-prohibitive if widely deployed. The best way to obtain comprehensive network visibility is by leveraging existing resources – or, as Cisco calls it, using your “Network as a Sensor.”

Routers, switches, firewalls and other network infrastructure devices inherently provide data on all transactions happening across a network via a protocol called NetFlow (as well as several NetFlow variants). Organizations can unlock the power of NetFlow by simply enabling it, and then collecting and analyzing it with a flow monitoring tool such as Lancope’s StealthWatch System.

From Big Data to Actionable Intelligence

When fully leveraged, NetFlow data can reveal countless valuable details about your network assets and behavior – who is talking to whom, how much traffic is being transmitted, which devices and applications are being used, etc. It’s essentially Big Data for your network. This data can be used to build a baseline of normal network communications, and then reveal when something looks suspicious. Having this type of in-depth insight into your daily network goings-on is critical for effective threat detection, incident response and post-incident forensic investigations.

Beyond providing visibility, some flow monitoring tools can also distill this plethora of data into streamlined intelligence, finding the security “needle in the haystack” and automatically alarming on significant events that may indicate a threat. This is a concept known as security analytics, or context-aware security analytics for tools that also pull in supplemental data such as user identity, security policies, device specifications, known threats and so on.

Context-aware security analytics combine various sources of data, run the data through algorithms and compare it to historical network traffic trends to trigger more accurate alarms. Basically, security analytics turn Big Data into actionable intelligence without the hundreds of false positives that can result from less sophisticated tools. Armed with this intelligence, organizations can more seamlessly fend off network attacks – no matter if it’s malware, APTs, insider threats or a DDoS attempt. All of these attack methods would be sensed by your network as potentially malicious communications.

For example, perhaps an insider is repeatedly trying to access restricted areas of your network. Or maybe unusually large amounts of data are being sent out of your network, or an internal host is communicating with a suspicious IP address in a foreign country. An effective network visibility and security analytics tool can pick up on these behaviors and alert administrators to investigate them further.
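To make the baseline-then-alarm idea concrete, the following added example (not part of the original article and not how StealthWatch or any other product works) builds a per-host baseline of daily outbound bytes from flow records and flags both an unusually large outbound transfer and a never-before-seen external peer. The `(day, src, dst, bytes)` record layout, the `10.0.0.0/8` internal range, the threshold `k` and the sample flows are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict
from statistics import median

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: internal address space

def egress(flows):  # keep only internal-to-external flows
    for day, src, dst, nbytes in flows:
        if ipaddress.ip_address(src) in INTERNAL and ipaddress.ip_address(dst) not in INTERNAL:
            yield day, src, dst, nbytes

def daily_totals(flows):  # bytes sent out of the network per (host, day)
    totals = defaultdict(int)
    for day, src, _dst, nbytes in egress(flows):
        totals[(src, day)] += nbytes
    return totals

def build_baseline(flows):
    """Per host: (median daily egress, MAD, external peers seen)."""
    per_host, peers = defaultdict(list), defaultdict(set)
    for (src, _day), total in daily_totals(flows).items():
        per_host[src].append(total)
    for _day, src, dst, _n in egress(flows):
        peers[src].add(dst)
    baseline = {}
    for host, vals in per_host.items():
        med = median(vals)
        baseline[host] = (med, median(abs(v - med) for v in vals), peers[host])
    return baseline

def detect(flows, baseline, k=6.0):
    """Alert on daily egress far above a host's baseline, or a never-seen peer."""
    alerts = set()
    for (src, day), total in daily_totals(flows).items():
        med, mad, _ = baseline.get(src, (0, 0, set()))
        # 1.4826*MAD estimates a std deviation; the 10% floor covers flat histories.
        if total > med + k * max(1.4826 * mad, 0.1 * med, 1):
            alerts.add(("egress_volume", src, day, total))
    for day, src, dst, _n in egress(flows):
        if dst not in baseline.get(src, (0, 0, set()))[2]:
            alerts.add(("new_external_peer", src, day, dst))
    return sorted(alerts)

# Constructed sample flows (day, src, dst, bytes): 7 baseline days, then day 8.
HISTORY = [(d, "10.0.0.5", "198.51.100.7", 1_000_000 + d * 10_000) for d in range(1, 8)]
HISTORY += [(d, "10.0.0.9", "198.51.100.7", 5_000_000) for d in range(1, 8)]
TODAY = [(8, "10.0.0.5", "198.51.100.7", 1_050_000), (8, "10.0.0.9", "203.0.113.50", 900_000_000),
         (8, "10.0.0.9", "10.0.0.5", 10**9)]  # last flow is internal and is ignored
print(detect(TODAY, build_baseline(HISTORY)))
```

Using the median and median absolute deviation instead of mean and standard deviation keeps a single past spike from inflating the baseline and hiding the next one.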

Security Analytics for Automated Incident Response

In addition to more accurately detecting attacks, security analytics can save IT teams countless hours of manual investigation associated with using a variety of point solutions to piece together the details of an attack. This way, the incident response process can become more automated and efficient, thwarting attacks before they turn into large-scale data breaches that make news headlines.

“Security analytics is becoming the primary defensive tool we have for discovering when breaches have occurred and shutting them down before massive damage is inflicted,” said Richard Stiennon, cyber security expert and Chief Research Analyst for IT-Harvest. “The breaches at Target and Sony are great examples of what can happen to organizations that don’t do this.”

Many organizations that have recently been breached have hired a third party to come in after the breach and clean things up. However, this approach is not ideal because, well, the organization has already been breached, and since third-party incident responders know nothing about the organization’s environment, it takes them countless hours and dollars to gather intelligence and figure out what happened. On the flip side, if an organization is regularly monitoring and analyzing its own network data with the right tools, the security team is better equipped to pinpoint and stop an attack while it’s still happening – avoiding the disastrous results and costs associated with a breach.

No matter what you call it, the intelligent use of network data will become even more critical for security as organizations dive into new infrastructure projects such as cloud, SDN, IoT and BYOD. By enabling your network to be a security sensor, you can continue to detect a wide range of attack types regardless of how your architecture evolves. 
