Modern threats respect no boundaries…and neither should your cyber security

In a new blog, Logtrust explains why modern threats require modern cyber security: proactive, real-time security across all layers.

As enterprises ingest more data at higher speeds, they naturally encounter more cyber threats. But while the challenge of speed and volume is daunting enough, according to TechTarget’s Dan Sullivan, the difficulty is compounded by the fact that today’s attacks are “often dispersed across network devices, servers, application logs and endpoints.” Companies now have to plan for well-coordinated attacks that may come from thousands of endpoints simultaneously. If cyber attacks were video games, we’ve gone from Pong to Space Invaders to Call of Duty in terms of complexity and dimensionality.

Heeding the “Call of Duty” in a high stakes battle

Distributed attacks aren’t new: security professionals have been talking about “blended threats” that occur over multiple attack vectors for some time now. However, such attacks are rapidly becoming more sophisticated. Consider, for example, distributed denial-of-service (DDoS) attacks, which, according to Hacker News, are increasing in scale to exceed a terabit per second. Companies received a wake-up call recently when trusted DNS provider Dyn experienced one of the scariest DDoS attacks to date, which may have cost the company 8% of its business. Unfortunately, it took an incident like this to make people start to understand how serious the new generation of cyber threats really is.

A recent IBM study found that the average cost of a data breach has hit $4 million. However, the stakes are much higher than that. Such distributed, highly complex attacks have the potential to disrupt entire industries, putting our economy and even our national security in jeopardy. In a Focus 16 keynote, Ted Koppel presented the nightmare scenario of a coordinated attack on IoT devices connected to the nation’s power grid, posing the risk of a massive, disabling outage. According to Koppel, it’s not a question of “if” but “when.” And in fact, a group of researchers in Israel recently simulated such an attack on “smart lightbulbs” that brought down power in a city block.

The Einsteinian era of cyber security

Einstein revolutionized physics by viewing time and space as part of a continuum, and we should take a similar approach to cyber security. With data coming from industrial sensors, consumer devices and social networks co-mingling with traditional ERP and CRM data, real-time big data security solutions need to be able to analyze millions of events per second across a wide variety of data sources. That’s the “space” part of it.

They must also correlate events taking place on multiple platforms, often at staggered intervals, employing statistical pattern learning to detect anomalous behavior and providing sandbox-style environments for forensic reconstructions. In real time, organizations must be alerted to potentially threatening behavior on a particular endpoint, and have the ability to instantly compare it to what has happened there previously. That’s the “time” portion of it, and it’s a vital component of identifying malicious activity and stopping it in its tracks.

For key takeaways and the "ART" of intelligent security, read the complete blog.

