Detecting Unknown Threats and Reducing Response Times

Jun 28, 2013

Protecting enterprise operations from hacks, malware, targeted attacks, advanced persistent threats (APTs) and other malicious activity remains a challenge for organizations, large and small. The number of breaches continues to grow and shows no signs of slowing despite technology advances and a market flush with cybersecurity products. In fact, according to the 2013 Verizon Data Breach Investigations Report (DBIR), 66 percent of surveyed organizations didn’t discover security breaches until months after the fact, and 69 percent of these incidents were actually discovered by a third party.

These late discoveries are due to overreliance on inherently handicapped prevention and alerting tools. Organizations cannot see the threats these tools routinely miss. In addition, once a threat is detected, response is delayed because there is no real-time collaboration among the various information security teams involved and no integration among the tools required to perform root cause analysis and remediation.

Rather than piecing together different security products into a loosely coupled solution spread among security pros, organizations should implement a solution that integrates core security capabilities (network and computer forensics, malware analysis, large-scale data auditing and remediation) into a single Web-enabled user interface that multiple security teams can access. The industry is finally shifting focus to detecting unknown threats and reducing response time, and the only way to achieve this is through integrated analysis and real-time collaboration.