Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Advice On Preventing High Profile Network Breaches

Q1 Labs : 14 February, 2011  (Technical Article)
Q1 Labs uses recent NASDAQ hack as example to assist organisations in understanding how network breaches occur and what steps should be taken in order to avoid them
Q1 Labs has issued guidance for enterprises looking to better protect their networks from threats – both insider and cyber crime – in the wake of the recent report of NASDAQ suffering a network breach.



“NASDAQ Director’s Desk breach is the latest high profile example of breaches that are taking place every day,” said Tom Turner, senior vice president of marketing and channels at Q1 Labs. “This is a perfect example of industrial cyber espionage, where intruders enter the network inconspicuously to sit and wait for the right time to unleash its wrath on the network, otherwise known as Advanced Persistent Threats (APTs). Companies of all sizes are being attacked repeatedly on a daily basis, and they often lack the visibility and situational awareness to deal with these attacks. We provide the Security Intelligence necessary to detect and alert on anomalous behavior that is often the harbinger of APTs.”



Top reasons organizations’ networks are successfully breached include:



   1. Lack of investment in core information security infrastructure technology, including but not limited to, switches, firewalls, IPS, VPNs, vulnerability scanners, and identity/access management.

   2. Lack of sufficient security intelligence on the network.

   3. Not properly leveraging the information security technology they already own; this includes having poorly configured network and security devices.

   4. Not addressing key vulnerabilities in their infrastructure.

   5. Unable to effectively minimize risk because of organizational and/or technology silos.



In retrospect, previous high profile attacks such as Stuxnet, the Google breach, Wikileaks, NASDAQ and others are all connected; the key theme is low and slow APTs. These breaches are the driving force for the need for Security Intelligence – the ability to see every action taking place on a network.



As the only Security Information and Event Management (SIEM) provider to integrate Application Layer Behavior Analysis, Q1 Labs is uniquely positioned to provide effective visibility and context by correlating network & application activity against log events and other security telemetry across entire networks. As a result, the company offers the following recommendations regarding network security in order to prevent a breach; organizations should:



   1. Break down technology silos through the integration and analysis of a broad spectrum of information including network, virtual network, security, vulnerability, asset, application, and configuration data, among others.

   2. Bridge operational silos and deliver the most appropriate security functions to meet the requirements of a broad spectrum of users including operators, analysts, auditors, managers, and executives, among others.

   3. Have all the contextual information needed to prioritize the risk of a security incident based on the overall impact to the business.

   4. Automate the detection and notification of newly introduced risks on the network.

   5. Seek to establish an integrated security intelligence framework for assessing risk across all relevant information.



For more information and to receive in-depth guidance on how to prevent a breach, click here to download the “Five Practical Steps to Protecting Your Organization Against Breach” white paper from Q1 Labs.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo