






Combat Advanced Cyberattacks with Shared Security Intelligence

By V Bala, Marketing Manager, ManageEngine



In this information age, even the mightiest of enterprises and governments across the globe are
worried about cyberattacks. Not a single day passes without a story about a hack, a
compromise, or an identity theft involving data related to a large number of users. Cybersecurity
is becoming increasingly complex, and cyberattacks have truly emerged as a global crisis.


An analysis of some of the recent high-profile breaches reveals that the threat landscape is
rapidly evolving into more dangerous ground, with highly targeted attacks and advanced
persistent threats (APTs) leading the way.

Traditionally, enterprises have depended primarily on perimeter security software and traffic
analysis solutions, which help only in combating traditional attack vectors. But hackers today are
becoming highly creative, and traditional defenses are not effective against advanced threats.

Combating modern cyberattacks demands a multi-pronged strategy incorporating a complex set
of activities. These include deploying security devices, enforcing security policies, controlling
access to resources, monitoring events, analyzing logs, detecting vulnerabilities, managing
patches, tracking changes, meeting compliance regulations, monitoring traffic and more.

But even all these measures are proving insufficient to effectively tackle the sophisticated APTs
and targeted attacks. Organizations are required to turn toward advanced analytics, which
involves analyzing all the data that enters the network, all the time. Though the market is
flooded with various types of IT security analytics solutions, the harsh reality is that no single
solution can offer effective protection against all emerging threats.

Despite having a sound security arsenal, organizations encounter embarrassing breaches as
cybercriminals often stay ahead of all defenses. Organizations are required to not just analyze
internal data but also to gain threat intelligence from external sources to obtain real-time
visibility. The battle against evolving cybercrimes calls for close coordination and collaboration
among security solution vendors, industry groups, government agencies, and security analysts.
The need for sharing security data and intelligence is pressing and clear.

Already, a good number of public and private collaborative communities and information sharing
groups are playing a pioneering role in creating and disseminating threat intelligence.
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), Anti-Phishing Working
Group (APWG), Emerging Threats, Malware Domain List, SANS ISC, and Spam and Open
Relay Blocking System (SORBS) are some of the popular communities. Other communities like
Information Sharing and Analysis Centers (ISACs) specialize in verticals, such as IT, financial,
healthcare or banking, and they offer highly focused feeds relevant to specific verticals.


Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
