Category Archives: Threat Detection

CIOs prioritize collaboration to increase security – Intel

Intel Security has released new findings which claim CIOs are targeting collaboration as a means to shore up defences against cyber threats.

Respondents to the survey believe their own organizations could be between 38% and 100% more secure if threat management and incident response personnel and systems could simply collaborate better. The team believes collaboration is one area which is often overlooked, with decision makers often favouring new threat detection or prevention tools, though the effectiveness of security operations can be increased through better collaboration between silos within the organization.

“Threat management contributions are almost evenly spread among different roles, but there are some notable areas of specialization,” the company stated in its “How Collaboration Can Optimize Security Operations” report. “Every handoff or transition can add significant operational overhead—along with the potential for confusion and chaos and delays in responding. But, on the upside, there is also huge potential for collaboration and increased efficiencies.”

The report states CIOs are still prioritizing new tools as a means to shore up their own perimeters, though collaboration technologies were not far behind in the rankings. 40% of the respondents said their spend would be prioritized on better detection tools, 33% pointed towards preventative tools and 32% said improved collaboration between SOC analysts, incident responders and endpoint administrators.

One of the main challenges for these organizations is the process, accuracy and trust in communication. For a number of organizations data is shared manually and potentially reprocessed several times, increasing the possibility of inaccuracy. Automated collaboration tools ensure data is shared quickly and accurately through an array of different functions and responsibilities. “Trust arises from good communication, transparency, and accountability, all of which engender confidence in the outcome,” the report states.

The number of tools being used within these organizations is also a challenge, as data is often manually transferred between them or manually collected in a central location. The average number of tools companies use to investigate and close an incident is four, though 20% of the respondents said they can use up to 20 different products to achieve the same aims, further increasing the challenge. Though larger and more geographically diverse organizations will by definition use more tools, the same principles of collaboration and automation apply, and in theory could increase the security of an organization's perimeter.

“Tougher new EU data privacy regulations, which are currently in the process of being modernized, will be implemented in 2017,” said Raj Samani, EMEA CTO for Intel Security, in the report. “Organizations will be legally required to implement a security architecture that ensures a secure and trustworthy digital exchange of data throughout the EU. Data privacy needs to be assured at every level and across the entire infrastructure. In light of that, improved incident investigation and response processes that bring together collaborative tools and teams are imperative.”

While most organizations are answering the threat of more advanced cyber threats with the implementation of more advanced defence solutions, collaboration is an area which could be seen as a complementary means. Collaboration can contribute to real-time visibility for various teams, improve execution capabilities, as well as speed of response.

Dell Security targets small organizations with AI product launch

Dell has launched a new AI-based security solution, Threat Defence, which has been designed specifically for smaller organizations with limited or no IT resource.

The new offering utilizes machine learning and AI technologies to prevent threats from entering an organization's perimeter, as opposed to simply detecting them once inside. Dell claims the new offering stops 99% of malware execution, as the machine learning components of the software will adapt and learn from the malware for future threat detection.

“Today’s malware attacks are non-discriminant and can impact organisations of all sizes,” said Brett Hansen, Executive Director for Data Security Solutions at Dell. “Smaller businesses are often at risk as traditional anti-virus and threat protection solutions can be resource intensive or beyond the means of growing businesses. With Dell Data Protection Threat Defence, Dell is addressing the needs of this under-served segment with an effective advanced threat prevention solution that is easy to manage and reflects the multi-platform reality of modern businesses.”

The launch builds on growing security concerns within the world of smaller organizations, as a recent survey from Dell claimed 69% of SMBs state data security is a burden on their company’s time and budget, with 65% holding back mobility plans due to ongoing security concerns. Threat Defence aims to provide a more secure platform for businesses who want to become more mobile. Although Dell has a healthy reputation for security within the enterprise market, this is seemingly one of the first moves by the company to diversify the customer base, and reach into new market segments.

Additional features include a low footprint (the company claims only 1-3% of CPU resources will be used), the ability to safe-list certain files and applications which have a tendency to throw out false positives, as well as the ability to upload suspicious files to the cloud for analysis. Through the analysis, Dell can update the software remotely to improve detection capabilities of malware crossing an organization's perimeter.

The offering will be available on a subscription basis in the United States and select countries around the world starting in mid-June 2016.