LogRhythm Archives - Security IT Summit | Forum Events Ltd
  • Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Security IT Summit Security IT Summit Security IT Summit Security IT Summit Security IT Summit

Posts Tagged :

LogRhythm

Cybersecurity in Financial Services: Remaining compliant and reducing risk with automation

960 640 Guest Post

By LogRhythm

Businesses in the financial services sector have to manage enormous risk, wealth and personally identifiable information (PII), all while meeting strict regulatory requirements.  

As the proliferation of financial data continues to grow, organizations face the task of continuously protecting that information and keeping it secure, while maintaining a reputation in the financial sector. Despite this, many security teams lack the resources and funding to keep up with the evolving threat landscape and ecosystem of regulatory compliance rules.

The Complexity of Complying

For financial services organizations, cybersecurity is about minimising risk for both the customers and the business. This includes compliance, it is vital organizations reduce the possibility of further fines or other penalties by implementing security measures. 

On top of this, security teams are often attempting to mitigate threats manually, increasing effort and stress. Analysts need to eliminate the time spent writing scripts, building rules and creating reports to allow focus on evolving attacks.

Automating Processes for Financial Security

Implementing prebuilt content which is specifically mapped to the individual controls of each regulation enables instant results that do the heavy lifting for you. Combining compliance automation software with Security Information and Event Management (SIEM) gives analysts the resources to comply with necessary mandates more efficiently and effectively than previous manual processes. A SIEM platform can facilitate security teams to improve detection, mitigation and response capabilities.

Furthermore, automation systems allow workflows to be more streamlined to help analysts combat evolving threats by removing manual tasks and enriching data with contextual details consistently.

An Expanding Compliance Environment

Looking forward, the financial sector is expected to face continued vulnerabilities in its technological offerings, both online and traditional brick and mortar. With compliance automation systems at the forefront, patterns of fraudulent activity will be detected at a greater rate, increasing the likelihood of mitigation before impact. 

The compliance environment can only extend further, with more regulatory requirements coming into play. Financial organizations should be prepared for stricter security rules becoming a necessity to protecting both customer and business data.

LogRhythm’s offerings provide financial services organizations with industry-leading automation, compliance and auditing support, comprehensive reporting and protection against advanced cyberthreatsLearn more >

Zero Trust: The practical way to look at cybersecurity

960 640 Guest Post

By LogRhythm

Zero Trust is quickly becoming the security model of choice for enterprises and governments alike. The need to protect, defend and respond to threats is more apparent than ever as we continue to work from remote locations.

Where to start

Zero Trust is more than implementing a new software, it is a change in architecture and in corporate culture. The pandemic has increased interest in this working practice, with a recent survey finding 40 per cent of organisations around the world working on Zero Trust projects.

The first aspect of any project is identifying key data and where it sits in your organisation, and then documenting who needs access to it. This will allow you to begin dividing up your network keeping users and their data in appropriate areas.

The main challenges

The key principle to a Zero Trust model is rock-solid identity management. All users, devices and applications must all be correctly identified to ensure everyone is granted the right level of access.

The data identification process described above is one of the main challenges, understanding where your data is stored and who should have access to it can be tricky with legacy applications and weak identity management.

Then there is the question of culture, will employees be resistant to the change? Managing the amount of friction caused by the process is key to success.

The benefits

Some sort of security compromise is inevitable, Zero Trust mitigates the damage by restricting the intruder to one small part of your network.

It will allow simpler provisioning and deprovisioning of staff as they join or leave, with corresponding cost benefits as IT teams spend less time onboarding and offboarding staff.

It can provide a solution to the registration of trusted devices onto your network and cut spending on managing active directory.

Moving the ‘perimeter’ to the user and their device provides a way to extend the security we take for granted in the office to staff, wherever they might be working.

Learn more about a Zero Trust implementation in the latest Forrester Report.

LogRhythm NextGen SIEM Platform – Build your security program on a solid foundation

960 640 Guest Post

By LogRhythm

Align your team, technology, and processes to see broadly across your IT and operating environments, uncover threats, and minimise risk — all within a single, unified platform. The LogRhythm NextGen SIEM Platform is at the centre of thousands of SOCs worldwide.

Detect threats earlier and faster. 
When it comes to stopping threats, seconds matter. That’s why we built our platform for speed. You’ll quickly identify threats, automate and collaborate on investigations, and remediate threats with agility.

Gain visibility across your environment.
Eliminate blind spots across your entire enterprise — from your endpoints to the network to the cloud. Easily search across your log and other machine data to find the answers you need and know what’s happening across your environment.

Work smarter, not harder.
Spend your time on impactful work instead of maintaining, caring for, and feeding your SIEM tool. Automate repetitive tasks and labour-intensive work so your team can focus on the areas where their expertise can make a difference.

Build for today, scale for tomorrow.
The complexity and scale of your environment is growing rapidly. Don’t settle for an entry-level solution that you’ll soon outgrow. Get high performance and reduced operating costs — for today and tomorrow.

Deploy in the cloud or on-prem.

Learn more at www.logrhythm.com.

The state of the security team: Are executives the problem?

960 640 Guest Post

By LogRhythm

A global survey of security professionals and executives by LogRhythm

Amid a slew of statistics on how job stress is impacting security professionals, we sought to learn the causes of the tension and anxiety — as well understand potential ways teams might alleviate and remediate the potential of job burnout. 

We ran a global survey with security professionals and executives and investigated the tools those security professionals use to understand solution capabilities, deployment strategies, technology gaps, and the value of tool consolidation.

Key findings

“Now, more than ever, security teams are being expected to do more with less leading to increasing stress levels. With more organisations operating under remote work conditions, the attack surface has broadened, making security at scale a critical concern,” says James Carder, CSO and VP of LogRhythm Labs. “This is a call to action for executives to prioritise alleviating the stress and better support their teams with proper tools, processes, and strategic guidance.”

When asked what causes the most work-related stress, not having enough time is cited by 41 percent and working with executives by 18 percent. In fact, 57 percent of respondents think their security program lacks proper executive support — defined as providing strategic vision, buy-in and budget.

In addition, security professionals cite inadequate executive accountability for strategic security decisions as the top reason (42 percent) they want to leave their job. This is a worrying statistic, given that nearly half of companies (47 percent) are trying to fill three or more security positions.

If you are leading a security team or part of a SOC, hearing that stress is increasing in your space is likely no surprise. To keep up with the threats facing your organisation, it is clear there needs to be a cultural shift — and it must start at the top. It is no longer just the responsibility of a CISO or CSO. To ensure a company is secure, the board and executive team must supply their security team with the strategic guidance, a healthy budget, and the proper tools required to effectively do their jobs.

Further information is available in the full report, available from the LogRhythm website

Less than half of firms detect a cyber breach within an hour

960 640 Stuart O'Brien

A recent report by security intelligence firm LogRhythm has revealed that less than half of the organisations it monitored was able to detect a cyber security breach within an hour.

The research study, ‘Cybersecurity: Perceptions & Practices’, also found that less than one-third said that even if they detected a major incident, they would be unable to contain it within an hour.

The study, conducted by Widmeyer, which surveyed 751 IT decision makers from the US, UK and Asia/Pacific, also revealed that a majority of organisations are only moderately confident in their ability to protect their companies against hackers.

“Cyber threats continue to grow in volume and intensity. Seemingly every month, another massive security breach dominates the headlines,” said Matt Winter, VP of Marketing and Business Development at LogRhythm. “To combat these threats, organizations need to carefully plan their budgets and strategies, while developing effective programs that tackle specific threats and keep them one step ahead of cyberattackers.”

The Current State of Security Maturity

Many companies are focused on growing their security maturity, and team size is an important indicator. The survey revealed that, on average, companies employ 12 cybersecurity professionals in their organization. However, more than half of the respondents said that they employ 10 orfewer professionals on their teams.

Special threat detection programs are another indicator of security maturity. This study found that most decision makers—more than 70 percent of respondents—have programs in place to detect specific threats, such as ransomware, insider or employee threats, and denial of service attacks. The vast majority of IT decision makers—95 percent—also use security software to prevent and react to threats. And more than a quarter deploy at least 10 security software solutions to manage security threats.

Level of Security Confidence

When it comes to confidence levels, about half of security decision makers believe that a determined hacker can still breach their organization. In fact, over one-third reported that their company has experienced a breach in the past year—ranging from 29 percent in the United States to 39 percent in the Asia-Pacific region.

When specifically asked about level of confidence, these decision makers revealed that they have only moderately positive confidence in their cybersecurity measures and abilities—suggesting an attitude that is more hopeful than truly confident.

Similarly, most IT executives—over 60 percent—are only somewhat confident that their security software can detect all major breaches. Likewise, they are only moderately confident that they can protect their companies from hackers.

In addition, the level of confidence in one’s security is also swayed by other variables, such as the implementation of programs that target specific types of threats. For instance, decision makers who did not report having programs to protect against threats such as ransomware, insider threats, and service denial attacks are less confident in their security programs. Unsurprisingly, that same segment reported slower rates of detection, response, and containment.

Ability to Respond to Cyberthreats

There are many factors that enable a security team to quickly detect and respond to an incident, including technology, process, programs, and people. When it comes to technology, a strong majority (nearly 80 percent) of IT executives said that a platform for security management, analysis, and response is beneficial—though only about a third rate such a platform as very beneficial. This response may reinforce the notion that true security confidence cannot be created with technology alone.

When asked to consider how their organization is operating from a Threat Lifecycle Management perspective—as an approach that includes discovery, qualification, neutralization and recovery from cyberattacks—IT executives were not overly optimistic. About a third of all respondents reported that they need help at virtually all stages in the TLM workflow, especially detecting, investigating, neutralizing, and recovering from cyberthreats.

Cybersecurity Funding

Security organizations need adequate funding to effectively fight cybercrime. However, the study found that the percentage of resources allocated to cybersecurity from the overall IT budget is often on the low side. Overall, one-third of executives allocate 10 percent or less of their IT budget to security. Regionally, the U.S. had the lowest rate, and Asia-Pacific the highest.

When asked about their comfort level with security funding, 57% of IT executives indicated they are moderately comfortable with their companies’ level of security funding; however, nearly a quarter said they are not comfortable. From a regional perspective, executives in the United States were less likely to think the level of their security funding is appropriate.

The full results of the survey can be found here https://logrhythm.com/cybersecurity-perceptions-practices-survey-white-paper/

LogRhythm

INDUSTRY SPOTLIGHT: LogRhythm

960 640 Stuart O'Brien

LogRhythm, the leader in security intelligence and analytics, empowers organisations around the globe to rapidly detect, respond to and neutralize damaging cyber threats.

The company’s patented and award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint forensics and advanced security analytics.

In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance and enhanced IT intelligence.

www.logrhythm.com

LogRhythm

INDUSTRY SPOTLIGHT: LogRhythm Threat Lifecycle Management

960 640 Stuart O'Brien

LogRhythm, a leader in Threat Lifecycle Management, empowers organisations around the globe to rapidly detect, respond to and neutralise damaging cyberthreats.

The company’s patented award-winning platform unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behaviour analytics (UEBA), security automation and orchestration (SAO) and advanced security analytics.

In addition to protecting customers from the risks associated with cyberthreats, LogRhythm provides compliance automation and assurance, and enhanced IT intelligence.

Among its many industry accolades, LogRhythm has been positioned as a Leader in Gartner’s SIEM Magic Quadrant, received SC Labs’ “Recommended” rating for SIEM and UTM for 2017 and won “Best SIEM” in SANS Institute’s “Best of 2016 Awards.”