Thwarting Cybersecurity Threats With Behavioral Analytics in 2017
Buy the books at
www.amazon.com/author/paulbabicki
====================================================
Thwarting cybersecurity threats
with behavioral analytics in 2017
Companies are investing more money in emerging technologies that can help
anticipate and detect a variety of threats, including phishing scams and
advanced persistent threats, both of which are weighing heavily on the minds’
of corporate board members. For 2017 CIOs are eyeing tools that use
anomaly-detecting analytics and machine learning algorithms to protect their
companies’ data.
“Our level of investments is increasing because of the increasing
capabilities of the threat actors,” says Bob Worrall, CIO of Juniper Networks,
who spent 12 percent more on cybersecurity tools in 2016 that he spent in 2015.
His budget will increase more in 2017 as he purchases tools to shield Juniper’s
corporate data and intellectual property. “As the bad guys get smarter we have
to as well.”
Bob Worrall, CIO of Juniper Networks.
Cybersecurity spending has seen a significant uptick since the watershed
2013 breach at Target and has continued throughout massive breaches at Home
Depot, Anthem and Sony Pictures. The latest high-profile corporate victim is
Yahoo, which reported in September that hackers had pilfered account
information of more than 500 million customers and revealed last week that hackers made off
with information on 1 billion users in 2013. The distinct hacks leveraged flaws in Yahoo's defenses,
including a cryptography standard many experts deemed insufficient.
The omnipresent threats, in which perpetrators sometimes burrow into
networks and quietly steal information for several months or years, are why Gartner
says cybersecurity spending will top $82 billion in 2016, an 8
percent hike from 2015. Concerned CIOs are imploring corporate boards to let
them invest in cutting-edge technology that protect and thwart attacks.
Proactive protection is the key
Worrall says he currently uses three predictive analytics tools that detect
anomalous network access, such as when someone using an employee’s valid
Juniper credentials accesses information they don't normally access for work.
Such digital forensics can also determine whether the malicious actor was
pinging the network from another country, as well as other details that help
"stitch together various events and detect anomalous behavior humans
couldn’t detect," Worrall says. Each of Juniper’s behavioral analytics
tools fills a gap in network protection, says Worrall, who declined to name the
tools because he did not to invite hackers to probe his security defenses.
Mike Kail, chief innovation officer at Cybric.
Using artificial intelligence and machine learning technologies will help
companies take a more proactive approach to corporate defense, says Mike Kail,
chief innovation officer at startup Cybric, which focuses on integrating
security as software is created.
But Kail, who was Yahoo's CIO when the first hack purportedly tool place,
says that companies must integrate such tools with technologies and business
processes for validating user authentication and authorization. He says that
such a solution could leverage blockchain, the digital ledger software that
ensures trust between parties exchanging cryptocurrencies such as Bitcoin, will
emerge in 2017.
Boards free up budget but expect proof of protection
It’s no secret that boards are loosening the purse strings for
cybersecurity but CIOs will continue to struggle to balance their cyber
investments against managing risks to their businesses. Put another way: The
choice between what to buy, implement and tune first -- the shiny new
behavioral analytics platform or the latest and greatest business email
compromise stopper -- poses prioritization challenges many CIOs aren't
accustomed to in this age of cyber warfare.
Worrall says that even if their boards allocate more funds for
cybersecurity, CIOs need to beware of budget abuse. Those who take the “sky is
falling” approach become chicken little, he says. One advantage Worrall has
working for a networking technology company is that his tech savvy board grasps
the intricacies of cyber defense.
"I can have a conversation about risks at a technical level many of my
CIOs peers can’t at other organizations," Worrall says. He says he is
fortunate that he can discuss business risks with his board that focus on
mitigating risks to the point of immateriality rather than the cost of cyber
tools.
Evidence that boards have become more attuned to cyber risk has
materialized in executive recruitment, where companies are looking for savvy
leaders who can articulate security risks in a way that business leaders can
easily grasp.
Gerry McNamara, global managing director of the information officers
practice at executive recruiter Korn/Ferry International, says that his
corporate boards are interested in finding CIO and CISOs candidates who can
help accelerate their businesses’ cyber profiles relative to their peers.
“The boards are really engaged in digital and cyber right now, asking:
Where are we on cyber? Are we protected? Are we keeping our information
private? How do you know that it is? Prove to me that it is,” McNamara says.
“We have a lot of work going on in cyber mapping of talent.”
Unfortunately, even the best talent and the latest technologies aren’t
enough in an era when politicians such as John Podesta and the other folks at
DNC as well as top executives can be duped to click on a malicious email whose
origin and content appear innocuous, or a user puts the wrong USB into their
PC.
“What we’ve all learned unfortunately is that humans are the weakest link
in security,” Worrall says. “You can put up the biggest castle wall but as soon
as one person connects an infected laptop to the network, it’s game over.”
This story, "Thwarting cybersecurity threats with behavioral analytics
in 2017" was originally published by CIO.
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top
of mind.
=====================================================================Good Netiquette And A Green Internet To All!
=====================================================================
Tabula Rosa Systems - Tabula Rosa Systems (TRS) is dedicated to providing Best of Breed Technology and Best of Class Professional Services to our Clients. We have a portfolio of products which we have selected for their capabilities, viability and value. TRS provides product, design, implementation and support services on all products that we represent. Additionally, TRS provides expertise in Network Analysis, eBusiness Application Profiling, ePolicy and eBusiness Troubleshooting. We can be contacted at:
===============================================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
Additionally, I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace
No comments:
Post a Comment