Published on May 3, 2017
Hackers are realizing that the easiest way to break into enterprise IT infrastructures is not to break in at all. Insider threats are emerging as the most critical threat vector and hackers are exploiting them. They’re resorting to bribes, social engineering and other mind tricks to gain access to the crown jewels of enterprise through legitimate, insider credentials. This is why cybersecurity techniques must evolve from legacy, rule-based detection techniques to those leveraging behavior analytics and machine learning that can detect account compromise, insider threats and other advanced threats.
The Financial Services Information Sharing and Analysis Center (FS-ISAC) annual summit is going on in Florida as we speak. It’s a premier event for information services executives and practitioners in financial services organizations. For those in the financial services sector, the crown jewels are often cold hard cash. In most cases, the cybersecurity issues my colleagues in financial services face have a direct impact on enterprise top and bottom lines, and the day-to-day lives of their customers.
At Securonix we focus on analyzing cybersecurity TTPs and regularly witness hacking attempts such as phishing, account compromise and takeover, use of existing system accounts and malware infections on enterprise devices. We also see fraud activity such as payment fraud, money laundering, insurance fraud, ACH/wire-transfer/payment-card fraud and much more. (We have just published a new whitepaper that specifically addresses fraud scenarios.) The sophistication of cyberattacks against financial services warrant a serious exploration of machine learning for cyber threat detection and incident response.
Enterprises collect vastly more data than they did just a few short years ago. As part of normal operations, they’re collecting web traffic, transactional data, system communication, user and account activity, device and endpoint metrics, mobile telemetry, social activity and trends, and much more. Securonix analyzes the treasure trove of data now available to enterprises using behavior analytics and machine learning.
We recently released Securonix SNYPR, a big data security analytics platform that ingests unlimited volumes of data and enriches it with contextual information such as user identity, asset metadata, network information, geo-location and threat context, thereby transforming raw events into meaningful information that is easy to understand, search and investigate. SNYPR applies behavior analytics, machine learning and threat modeling to the data in order to predict, detect and contain advanced threats, anywhere, in real-time. This alleviates several security management issues such as false negatives, alert flood and false positives, long detection times and missed low-and-slow data exfiltration.
Securonix is a proud sponsor of the FS-ISAC mission, and we work with most of the financial services firms in this forum. Together we are on the cutting edge of security analytics and machine data learning. The Securonix SNYPR security analytics platform combines data collection and super enrichment, big data analysis, user and entity behavior analysis (UEBA), and search & visualization frameworks with financial security, fraud and compliance apps for security management. To learn more about how we help solve the issues you as financial services security professionals face every day please schedule a demo.