Monitoring News, Articles and Updates

What is the threat posed by privileged users?

Accounts that have not only legitimate access to sensitive information but also complete control over the system are in the best position to act maliciously.

Identifying anomalies before a breach: A networking approach to security

Micro segmentation is a preferred method to achieve network security in a hybrid IT and multi-cloud environment. Instead of relying solely on hardware-based firewalls, security can be integrated directly into a virtualised workload.

Why digital fingerprinting could hold the key to GDPR compliance

The key to limiting damage is to neutralise the threat before the cyber-criminals have had a chance to monetise that all-important data. Banks spotting customer payment card details on the dark web can suspend those accounts.

Big data, not Big Brother: context tackles safeguarding in education IT

What is needed for online use analysis in safeguarding is context, and it's here that big data analytics and machine learning can help educators correlate activity with what we might know about the individuals engaging in it.

How DLP must evolve to deal with dynamic new threats

Organisations need to equip themselves with a united view of their entire network, extending from the endpoint through to the cloud - including penetrating through encrypted traffic that could be hiding malicious activity.

Why visibility & forensics are key to enterprise security - a checklist

A six-point checklist for making sure that your security teams have the capacity to track the root causes and progress of malware.

Overcoming data overload in cyber-security

Faced with a shortage of skilled IT security staff, prioritising alerts can be an important strategy. By creating a set of defined processes and routines, security teams can review sets of data regularly in order to spot anomalies.

Five reasons for extra enterprise data vigilance in 2018

Securing and monitoring a complex and distributed IT infrastructure is essential for growth and regulatory compliance. But it requires cooperation by employees at all levels as well as continuous improvements to meet emerging threats.

More than half of ransomware victims hit at least twice

Most ransomware victims are hit more than once, and don't have defences. Industry is adopting AI built on deep learning neural networks, which is predictive: it looks for and identifies the techniques scammers use.

Securing access in the perimeter-less era

As enterprises no longer have distinct boundaries defined by inside and outside the firewall, gaining visibility on the health of devices connecting to their network is more critical than ever.

Insider threats: Suffering from the detective's curse

Recent research shows 41 per cent of UK respondents stating that they have complete trust in employees with privileged access. This isn't a good position to be in.

Containers and the question of trust

Existing software development and security methodologies may need to be modified to better support a new way of developing, running, and supporting applications made possible by containerisation.

Are we too busy with pancakes to get serious about ransomware?

Application whitelisting ends the weak spot for zero-day malware in AV, but false positives may make passive process/service monitoring with alerting a better compromise when prioritising business operations over protection.

The evolution of analytics in threat detection

Cyber threats are evolving quickly. Fortunately, so is incident detection and response (IDR), powered by data, explains Eric Sun, with techniques such as honeypots identifying suspect behaviour.

Will IETF proposal be the end of enterprise middlebox traffic snooping?

Is the ability to effectively bypass monitoring middleboxes a good thing, both for the enterprise and more broadly for network security?

Don't be tomorrow's news - use machine data to protect PII pre-GDPR

Using machine data to monitor staff behaviours can identify potential PII breaches before they happen and avoid the huge fines that would follow once GDPR comes into effect, says Matthias Maier.

Trapping to hunting: intelligent analysis of anomalies to detect compromises

One of the goals of Breach Detection Systems is to provide the most effective automated detection with minimal false positives, because excessive false positives cause "fatigue" in the incident responder, explains Dr. Giovanni Vigna.

Threat hunting? Ditch the SIEM and use the principles of Big Data

The human is the most essential part of any security programme and they need frictionless ways to work with data, be more productive, secure their environments, and apply their own methods to their tools, says Josh Mayfield.

EU says prior permission required to monitor staff electronic communications

Organisations will have to ask permission first before being allowed to conduct electronic monitoring of staff.

Insider threat: Employees at the heart of companies' data security

Firms need to evaluate their security procedures around flexible working now, before it leads to a damaging data breach, says Jean-Frederic Karcher.

Top 10 cyber-weapons; weaponised IT the preferred attack vehicle once inside

Top ten hacker tools identified - misuse of legitimate tools dominates inside the network.

Don't underestimate the idiots - monitoring behaviour on your network

How do we spot anomalous system behaviour on our networks that indicates a security breach? That was the theme of last week's SC Magazine UK roundtable aboard HMS President, sponsored by Splunk.

How to find a 'Super Hacker'

Anomaly-based detection, rather than signatures or threat intelligence, is more likely to detect nation-state and advanced criminal 'Super Hackers' before they can gain a significant foothold on networks, says Peter Cohen.

Faster security understanding with visualisation

Passive inspection is too slow in today's interconnected, data-rich IT environments, says Thibault Reuille.

Look beyond the darknet to manage supply chain risk

Vetting staff and contractors, including what they are saying on the internet and the darknet, is vital to protecting your company, says Tim Ramsey.

'The best defence is a good offence' in evolving security, networking market

Dieter Lott discusses the security and networking solutions market and how organisations should be adopting a new proactive approach to security breaches given that IT infrastructure is in a constant state of change.

Living with the enemy

Preference for technical solutions, rather than organisational change, is resulting in over-investment in stopping cyber-attacks rather than detecting attacks and defending data, says James Henry.

Alert fatigue: When your security system cries 'wolf.'

Too many false positives inevitably reduce response times - and even response numbers - so raise the verification bar and thereby limit them, says Chandra Sekar.

Network visibility can prevent you from being the next cyber-security headline

Better understand what's happening on your network and you'll be better prepared to tackle hostile intruders, says Corey Nachreiner.