Information Security Blog

In part one of this ransomware blog series, we examined how ransomware has evolved over the years. From[…]

Many enterprises are joining the rush to set up data lakes for handling petabytes of security data and logs. But many executives and architects assume that once they finish setting up log sources, applying parsers, and arming their SOC analysts with reports, their data lake will deliver the goods.

Now more than ever, organizations must utilize cloud-based security solutions to ensure their customer information and data are secure, as well as having expertise on the security and regulatory issues involved. Now let’s examine the specific steps you can take to ensure you’re keeping your cloud deployments secure.

You might have a good handle on your on-premise network security, but what do you know about cloud security and threats to your cloud operations? Do you even have a list of all of the deployed cloud assets within your organization, and who is responsible for each? Most organizations don’t have a handle on their cloud security.

Not just a nuisance anymore, ransomware is now ranked as one of the top cyber threats, wreaking havoc on organizations around the world. Today, hackers are executing calculated, dangerous, and costly attacks on enterprises and governments that can threaten public safety. And ransomware’s sophisticated delivery is designed to fool even the most savvy users.

Lateral movement refers to techniques cyber attackers use to progressively move through a network, searching for targeted key data and assets. In today’s security landscape, hackers are becoming more sophisticated. They use multiple ways to get basic access, such as a phishing attack or malware infection, then impersonate a legitimate user while looking to elevate their privileges. They typically aren’t concerned with being detected—most organizations don’t have the staff, tools, or bandwidth to detect that anything unusual is going on.

The right mix of IR automation and IT orchestration can drastically cut the time analysts spend on manual steps—often from many days to mere minutes. While far from being a silver bullet, automation and orchestration are proven approaches to improving the security, efficiency, cost, and morale of security teams and organizations that depend on them.

Many modern enterprises—like the airlines, cruise ship, and retail industries—produce massive amounts of data on a daily basis. Given this threat landscape, it’s important for businesses to ingest all their security logs in near real-time, process it, and make it available for intelligent cyber threat analysis. Exabeam’s Data Lake is designed for exponential log data growth and the complexity of cybersecurity analysis.

How will organizations spend their increased cybersecurity budgets? Most need to invest in new technology to achieve effective network security and incident response (IR). A cybersecurity technology that’s seeing significant growth, UEBA streamlines overall security operations while alleviating the ever-increasing pressures on teams that stem from chronic cybersecurity issues.

There aren’t many fields where the majority say they’re happy with their profession. In fact, 70 percent of workers say they don’t feel satisfied with their career choices. By contrast, in the cybersecurity industry, the majority report high levels of job satisfaction, according to Exabeam’s 2018 Cybersecurity Salary and Job Report. However, a career in cybersecurity has its challenges.

That was then—next-gen SIEM is now. Modern SIEMs can now apply new solutions to your security domain that weren’t available with legacy SIEMs. But many SIEMs claim to be “next-generation,” and yet don’t have what’s needed to solve the problems most security teams face today. What features are needed to be a next-gen SIEM?