threat detection Archives - Security IT Summit | Forum Events Ltd
Posts Tagged :

threat detection

What keeps you up at night? It’s users, isn’t it

960 640 Stuart O'Brien

Ninety-two per cent of organisations’ biggest security is concern is users, with 81% having some degree of concern around security issues.

A new report, What Keeps You Up At Night 2019 – commissioned by security awareness training company KnowBe4 – looked at over 350 organisations globally.

The research was carried out against a background in which AI and machine learning are being leveraged by criminal organisations to help them better understand how to improve their attacks, targeting specific industry verticals, organisations and even individuals.

In the results, increases in the frequency of ransomware, phishing and crypto jacking attacks were experienced by businesses of nearly every size, vertical and locale.

When it came to attack vectors, data breaches were the primary concern, with credential compromise coming in as a close second.

The report says these two issues go hand-in-hand, as misuse of credentials remains the number one attack tactic in data breaches, according to Verizon’s 2018 Data Breach Investigations Report.

Phishing and ransomware ranked next, demonstrating that organisations are still not completely prepared to defend themselves against these relatively “old” attack vectors.

Other key findings from the report include: 

• 92% of organisations rank users as their primary security concern. And at the same time, security awareness training along with phishing testing topped the list of security initiatives that organisations need to implement. 

• Organisations today have a large number of attack vectors to prevent, monitor for, detect, alert and remediate; in terms of attacks, 95 per cent of organisations are most concerned with data breaches.

• Ensuring security is in place to meet GDPR requirements is still a challenge for 64 per cent of organisations, despite the regulation details being out for quite some time.

• Attackers’ utilisation of compromised credentials is such a common tactic, 93 per cent of organisations are aware of the problem, but still have lots of work to do to stop it. 

• When it comes to resources, 75 per cent of organisations do not have an adequate budget.

“2018 was a prolific year for successful cyberattacks, and many of them were caused by human error,” said Stu Sjouwerman, CEO of KnowBe4. “IT organisations are tasked with establishing and maintaining a layered security defence. The largest concern, as demonstrated again in this report, is employees making errors. Organisations must start with establishing a security culture, and in order to combat the escalation of social engineering, they have to ensure users are trained and tested.” 

NTT-ThreatQuotient

NTT Security and ThreatQuotient partner to deliver Threat Intelligence Services

960 640 Stuart O'Brien

NTT Security has announced a partnership with ThreatQuotient to broaden its threat intelligence capabilities.

ThreatQuotient’s threat intelligence platform (TIP), ThreatQ, will serve as the cornerstone of NTT Security’s new threat intelligence services offering.

The platform’s flexible architecture for aggregating and correlating threat data will enhance NTT Security capabilities for bringing detailed, relevant threat intelligence to NTT Group clients through managed security services.

NTT Security and NTT Group’s operating companies Dimension Data, NTT Communications and NTT DATA, as well as their clients, provide visibility into the methods of malicious actors on the internet.

Analysts from NTT Security’s Global Threat Intelligence Centres (GTIC) will be using ThreatQ to process this data and turn it into actionable threat intelligence that can benefit its consulting and managed services clients.

ThreatQ will also fully integrate into NTT Security’s Global Managed Security Services Platform (GMSSP). This will enable NTT Security to collect data about attacks on client systems and disseminate the resulting threat intelligence to the Advanced Analytics Engine and expert SOC analysts, plus also respond to and proactively stop these attacks in real time.

Many of NTT Group’s enterprise clients also have their own in-house threat intelligence capabilities generating data they are willing to share and collaborate with partners. By integrating internal client data with NTT Security’s intelligence within ThreatQ, NTT Security claims it will have more context to better protect the managed systems.

NTT Security will also be using the ThreatQ platform to enhance its consulting services.

ThreatQ uses the standard STIX/TAXII1 protocols for communicating threat data to other security devices, which will allow NTT Group’s clients to consume threat intelligence generated by the GTIC. This capability can be used to provide data to a client’s own in-house threat intelligence teams via its own TIP or send it directly to security infrastructure, including Security Information and Event Management (SIEM) platforms, ticketing systems, network security devices and endpoints.

“NTT Security’s global managed security services and channel program is exactly the type of model that we strive to be part of as we work to reach more organizations that need deeper support to get a threat intelligence program off the ground, or get more value out of existing strategies,” said Matt McCormick, SVP Business and Corporate Development, ThreatQuotient.

Steven Bullitt, Global VP Threat Intelligence and Incident Response at NTT Security, commented: “Our partnership with ThreatQuotient is designed to help NTT Group clients proactively protect themselves based on the real-world threats they face every day. ThreatQ’s built-in integration with many of the leading threat intelligence sources as well as NTT’s own detecting and collecting threat intelligence will also enable us and these clients to get the data we need. Meanwhile, the flexible deployment options for ThreatQ will also help clients who want to build out their own capabilities.”