The Importance of Intelligence Driven Threat Detection

Your network is under siege. It’s not personal—it’s just a fact of life today that all companies, regardless of size or industry, are under constant assault from cyber attackers. Every device or node accessible from the public internet is constantly bombarded. You need 24/7 monitoring to know when your network is breached or your data is compromised, but it can be overwhelming to try and separate the signal from the noise to find the threats that need attention.

Dr. Jonny Milliken, Threat Research Manager for Alert Logic, and Kenny Lemmen, Security Analyst Team Lead at Alert Logic, recently presented a webinar titled “Why You Need Intelligence Driven Threat Detection to Stay Secure” that looks at the anatomy of an attack, and the tools and processes necessary to effectively assess cybersecurity events to find the proverbial needle in the stack of needles and ensure valid cybersecurity incidents get the response and escalation necessary for effective remediation. 

Addressing the Evolving Cyber Threat Landscape

Effective cybersecurity doesn’t have business hours. The internet is global and it’s always “business hours” somewhere. Attackers have to sleep just like everyone else, but the cyber attack infrastructure carries on around the clock. Malicious actors have a diverse and growing variety of attack tools and frameworks that enable them to automate the process of finding and compromising vulnerable devices.

It can seem overwhelming for an organization to defend against this constant siege of cyber attacks. Buying the right tools is just part of the equation. You also need the expertise to properly implement and tune the tools to effectively catch suspicious and malicious activity while minimizing false positives, and the right skills to analyze and evaluate cybersecurity events to determine which are actual security incidents that need to be addressed.

Implementing the right tools and hiring the right people to manage cybersecurity can be costly—and that assumes you can even find the right talent to hire. Cybersecurity currently has zero percent unemployment with an estimated 350,000 unfilled roles. Cybersecurity talent is in high demand, which means those with the right skills can demand a premium.

Even with the right tools and the right talent, an organization that tries to manage its own cybersecurity is at a disadvantage. The individual organization will only detect the threats that hit their own network, and the timeframe to respond before a threat becomes a successful compromise is significantly compressed.

Greater visibility means better protection. Alert Logic monitors more than 4,000 customers around the world 24/7, giving our security analysts a much broader view of the threat landscape. Once a threat is detected for one customer, the response and remediation are applied for all customers.

The Human Touch

Having the right tools in place to detect and identify threats as early as possible is essential, but the human touch is also crucial. Tethering threat detection to an intelligence capability allows you to identify and react to critical threats quickly.

Alert Logic processed 18 trillion—with a “T”—log messages in 2018. That’s 18 trillion log messages that were stored, processed, and searchable in our systems by our security analysts and customers. Those 18 trillion log messages resulted in 2.8 billion IDS (intrusion detection system) events—an average of 89 events every second of the year. Alert Logic security analysts evaluate and respond to roughly 3,500 cybersecurity incidents per week—all investigated by an actual human being and analyzed within the context of the unique customer infrastructure.

The threat landscape is constantly evolving—requiring innovative new approaches to detect and counter threats. Take a look at how Alert Logic approaches this problem and why threat intelligence should be a key element of your security operations in this webinar: Why You Need Intelligence Drive Threat Detection to Stay Secure.

About the Author

Tony Bradley

Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and DevOps.com. He has established a reputation for effective content marketing, and building and engaging a community and social media audience.

Connect |
Email Me |
More Posts by Tony Bradley



*** This is a Security Bloggers Network syndicated blog from Alert Logic - Blogs Feed authored by Tony Bradley. Read the original post at: https://blog.alertlogic.com/the-importance-of-intelligence-driven-threat-detection/