Skip to main content

CUSTOMERS

Meritalk's Cyber Security Survey: Too Much Data and No Complete Story

A recent survey of federal, state and local agencies by Meritalk tells a very interesting story. Five key facts stand out: 68% of cyber pros say their organization is overwhelmed by the volume of security data and 76% believe their security team is often reactive instead of proactive. 78% say at least some of their security data goes unanalyzed due to a lack of time and/or skill from their team. 9 out of 10 cyber[…]

Read more

Topics: CUSTOMERS, SECURITY

Security Event Management Basics (What We've Seen Companies Are Not Doing)

If you are reading this blog, I am probably preaching to the choir when I say that monitoring logs is an extremely valuable and cost effective way to identify security issues in the network. What is not so obvious, however, is that purchasing a SIEM/Log Management solution is the first, not last, step in extracting the value hidden in these logs. There are several steps that must be taken, and constantly reviewed, to ensure that[…]

Read more

Topics: CUSTOMERS, SECURITY

My RSA Expectations – Blinding Spotlights

Having been to more RSA events than I am willing to admit, the highlight for me is always watching for new products being released and security startups coming out of stealth showing their never-before-seen technologies to detect data breaches before they happen. At this year’s RSA event most of the older more mature technologies will be found in north building and most of the security startups with new ideas will be found in the south[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

The Problem with Patching is it’s not a Panacea

Remember when it seemed like everyone held his or her breath every Microsoft Patch Tuesday wondering how bad it would be? Unless it’s a pervasive security flaw such as the BASH shell vulnerability (a command line program for UNIX systems/ run on 80 percent of the servers online), which led to the Shellshock attacks, patching isn’t the hair-on-fire exercise it once was. As many companies rushed to address the BASH vulnerability, they found that the[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

Cyber Insurance, User Behavior Intelligence and Lower Costs

Buying Cyber Insurance We’ve all read articles about companies that had a lot of costs associated with a data breach but in the same paragraph we see that the company had data breach insurance that offset some portion of the cost. Risk is bad for business. When it comes to risk, business take two approaches—mitigate and transfer. Buying insurance is risk transfer to an insurance company. Actuary tables have been around since the 1700s. Data[…]

Read more

Topics: Compliance, CUSTOMERS, LIFE AT EXABEAM

The Case of the Missing Laptop

Missing (or stolen) laptops are a big deal, but, they are an even bigger deal in the heathcare vertical. The HIPAA/HITECH act essentially updated HIPAA in 2009 to take into consideration electronic health records (EHR) data as the industry continues to move from paper to electronic recordkeeping. The HITECH Act now imposes data breach notification requirements for unauthorized uses and disclosures of “unsecured PHI.” These notification requirements are similar to many state data breach laws[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

The Five Stages of User Behavior Intelligence Acceptance

We’ve been working with our customers for a while now and we’ve had a chance to see the reactions of security teams that drive security investigations with user behavior intelligence. Exabeam, a user behavior intelligence solution applies dynamic behavior modeling to find credentials that are exhibiting anomalous behaviors. It takes very little time for the security team to start using it as a way to find misconfigurations, policy violations, miscommunication between IT Ops and security[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

Continuous Diagnostics and Mitigation (CDM): What Civilian Agencies Need to Know

Two years ago, the Department of Homeland Security (DHS) rolled out a $6 billion program designed to establish continuous diagnostics and mitigation (CDM) for more than 100 civilian agencies. It’s a major cybersecurity effort that began with asset management and will grow to include the management of accounts, event and the security life cycle by 2017. At the start of the program, DHS set up a process for agencies to assess their security profiles before[…]

Read more

Topics: CUSTOMERS, SECURITY

Living in the Attack Chain Gaps

A common theme across multiple versions of the so-called “attack chain,” from Lockheed Martin’s kill-chain to Mandiant’s attack chain and others, is that they all show, with a few differences, the steps an attacker takes to achieve their objective: breaching a network undetected to steal valuable data. The most effective way for attackers to do this is by using stolen valid user credentials to slip past initial point-of-intrusion detection devices. The attack chain example that accompanies[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

Exabeam: Get User Behavior Intelligence in 2015

EXABEAM IS AVAILABLE! For every company, the first general availability (GA) release – Exabeam version 1.6 in our case – is a major milestone. The software is enterprise-ready, scales to monitor over 150,000 users with a single appliance, and it just plain works out-of-the-box. Exabeam enables organizations to realize the promise of their existing security information and event management (SIEM) deployments by applying user behavior intelligence to identify the attacker who evades detection from initial point-of-compromise[…]

Read more

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS
2017