Intelligent CISO Issue 02 | Page 75

Application isolation provides the last line of defence in the new security stack and is the only way to tame the spiralling labour costs that result from detection-based solutions.

Azeem Aleem, Global Director of Worldwide Advanced Cyber Defence Practice at RSA Security

breach can have a huge business impact, so mitigating this risk is a must.

“However, security breaches are in some ways inevitable, which is why monitoring and network surveillance is so important. If the worst happens and a breach occurs, businesses must be in a position to identify and remediate the threat quickly, before the hacker is able to exfiltrate data, insert backdoors or cause too much damage. They also need to be able to reconstruct the incident quickly and determine exactly what data has been accessed and how much has been extracted. By having this information to hand, organisations can close any gaps in security, provide helpful information to any customers that may have been affected and put executives’ minds at ease.

“Today, the vast majority of data breaches start with a hacker stealing the credentials of a legitimate user in a bid to evade traditional threat detection tools. Because of this, many businesses have started to use SIEM tools to spot anomalies in user behaviour. The problem is, standard SIEM solutions that monitor internal networks and beam up thousands of alerts to the security team often create more issues than they solve. Organisations need an evolved SIEM that not only takes advantage of machine learning and behavioural analytics to identify threats quickly but also overlays insight about the key risk areas in a business.

“It should then scale up security for these business-critical assets accordingly, to create a ‘live threat matrix’. This business-driven security ensures that these key assets are afforded the highest levels of security when the hackers inevitably come knocking.”