
Attackers are Fast & Smart! Are you?

If you’re a security practitioner, you should be reading this.

The 2013 Data Breach Investigations Report (DBIR) published some alarming statistics that call into question our preparedness to combat new-age security attacks. The speed and sophistication of today’s attacks, and the new threat vectors being introduced, are causing financial and reputational disasters across various geographies and organizations.

The report found that:

  • 19% of breaches combined phishing, malware, hacking, and entrenchment. This is known as the Assured Penetration Technique.
  • 78% of intrusions took little or no specialist skills or resources. This means companies weren’t prepared enough and had no preventive mechanism in place.
  • 66% of breaches remained undetected for months. Imagine the loss of data and resources during this period!
  • 84% of intrusions took just minutes to inflict damage. This means the threat response systems employed in companies were weak and slow to respond.

These meaningful numbers reinforce the need to be prepared for today’s advanced attacks. Most organizations don’t know how effectively their security systems avert threats and counter breaches and intrusions. The best place to start fishing for clues is the wealth of logs generated from various entities in the IT infrastructure.

Logs are the Means to an Actionable End

Logs provide a wealth of information about virtually everything that’s happening on your network. It’s only wise to take advantage of what’s available in the logs and get better visibility into the problems and security vectors that are impacting your IT infrastructure. You can achieve comprehensive log management and analysis by:

  • Aggregating log data from the disparate sources in your IT environment
  • Correlating the collected logs to obtain meaningful information about device and user activity on your network
  • Setting up alerting to automatically notify you of suspicious or non-compliant activity on your network and systems
  • Programming automated active responses to counter and prevent threats in real time

Go SIEM…

Security Information & Event Management (SIEM) tools provide all the protection you need to detect, alert on, and respond to attacks by preventing or containing them. SIEM tools will further help you analyze log data for advanced incident awareness and perform event forensics to isolate the root cause of a threat or attack. For a full-function SIEM virtual appliance, try SolarWinds Log & Event Manager. Our solution will enhance your IT security and prepare you to face the onslaught of sophisticated zero-day attacks.

1 Comment
Level 15

Thanks for the posting. 

About the Author
Vinod Mohan is a Senior Product Marketing Manager at DataCore Software. He has over a decade of experience in product, technology and solution marketing of IT software and services spanning application performance management, network, systems, virtualization, storage, IT security and IT service management (ITSM). In his current capacity at DataCore, Vinod focuses on communicating the value proposition of software-defined storage to IT teams helping them benefit from infrastructure cost savings, storage efficiency, performance acceleration, and ultimate flexibility for storing and managing data. Prior to DataCore, Vinod held product marketing positions at eG Innovations and SolarWinds, focusing on IT performance monitoring solutions. An avid technology enthusiast, he is a contributing author to many popular sites including APMdigest, VMblog, Cyber Defense Magazine, Citrix Blog, The Hacker News, NetworkDataPedia, IT Briefcase, IT Pro Portal, and more.