Time to Detection – Going Down but still a Gap

July 28, 2017 at 3:00 pm | Posted in Cyber Security

Another area discussed within the Cisco Mid-Year cyber security report is the time to detection of a breach.

In security terms, the time from a breach happening to it being detected is now one of the key metrics that the industry prides itself on. To give attackers as little time as possible to cause damage, the time to detection needs to be as low as possible.

In immature security environments, it is entirely possible for attacks to remain undetected for months before anyone realises that there has been a breach at all. Alternatively, and even worse, another party informs the company of the breach after discovering data on the internet.

In more mature security environments the time to detection is down to weeks rather than months, but the goal of the cyber security industry, and of Cisco in particular, is to get this number down to hours.

The most mature security environments are now down to around three and a half hours, which is a dramatic improvement on the nearly forty hours when Cisco started this research. However, there is still work to do, as four hours is a long time for attackers to compromise a network and get what they want.

Leaving burglars four hours to ransack your home is unacceptable, and the same applies in cyber security.

The encryption traffic conundrum solved?

June 22, 2017 at 4:00 pm | Posted in Cyber Security

A challenge that has emerged in recent years is the rise of encryption in internet communication traffic. Many websites now use HTTPS, especially where you submit any private details.

Many cyber criminals have also adopted encrypted communication in order to protect themselves and make it harder for traditional security solutions to spot malware, so malware spread through encrypted traffic has become a major source of data breaches.

Currently, the solution for dealing with this threat vector is to decrypt all files, resulting in a potential trade-off between security and privacy.

Cisco, however, has just announced a new approach that uses analytics to analyse the intent of encrypted traffic and assess whether an encrypted file is in fact malicious. This is made possible by Cisco Talos’ intelligence on current and suspected attack vectors.

Early trials are showing it to be extremely effective, and I look forward to seeing it in person and in action soon, as this could solve several issues that are currently challenges for the security industry.
