New technologies make our work easier, support our relevant business processes and give us a competitive edge. But digital transformation also brings new dangers and risks – like cyber attacks – that we need to be aware of.
Based on current risk assessments, cyber security will continue to be an important issue in the long term, and not just for operators of critical infrastructure, but for companies and organizations of all sizes and in all sectors. Companies need to evolve conceptually and technologically to protect their infrastructures from digital attacks. This includes using state-of-the-art AI techniques, zero-trust models, and other cyber security practices.
Overcoming new challenges
Cyber threats have changed dramatically in recent years. Conversely, cyber defense is increasingly relying on various forms of threat detection and response solutions. It has become clear that conventional protection solutions are no longer enough on their own. Effective action against attackers requires an effective detection and response strategy. It is important to decide where detection (network, cloud, endpoint) can be used and which sources (logs, flows, packets, metadata) can be used too.
Evolution in network security
In today’s hybrid and multi-cloud network, network analysis (or network detection and response, “NDR”) is of central importance. Network security has evolved over the past few years, from a signature-based IDS solution to netflow monitoring, network packet capture (PCAP), and packet header analysis (metadata). Influenced by AI/ML (NTA), the trend has progressed to continuous behavior analysis (UEBA/UBA) with deep insights into network activities, where today’s NDR solutions analyze all network traffic to detect suspicious data flows and suspicious techniques, tactics, and procedures (TTPs) used by attackers. They expand on security solutions such as a firewall, endpoint detection and response (EDR), security information and event management (SIEM), and security orchestration, automation and response (SOAR), and provide a significantly higher level of security.
AI in cyber security
Artificial intelligence and its sub-disciplines, such as machine learning and deep learning, are important components of modern behavioral analysis. They help to quickly identify any abnormalities and correlate different information in order to focus on relevant and threatening events. The strategy of Vectra’s Threat Detection and Response (TDR) platform is in line with Gartner’s current NDR assessment.
The world’s leading provider of AI-based threat detection and defense (AI White Paper) for hybrid and multi-cloud companies is the most frequently mentioned manufacturer within the MITRE D3FEND framework. This was launched by MITRE as a countermeasure to defend against ATT&CK tactics.
Into the future with innovative technology
Companies are increasingly confronted with cyber threats that target networks and cloud infrastructures, SaaS applications and identities, and pose a major challenge for SOC teams. The innovative Attack Signal Intelligence™ engine is integrated into all Vectra products and services and helps the Security Operations team detect and prioritize cyber threats, reduces the number of alarms, and thus helps the team to focus on truly critical events. AI technology for attack signal detection frees up security analysts from manual day-to-day tasks, giving them time to investigate, evaluate, and respond to real attacks.
Vectra impressively demonstrates how the symbiosis of data science and artificial intelligence can transform and significantly improve the fight against cyber attacks.
Interested? If you have any questions, please contact:
Michael Ulrich
Senior Business Development Manager
E-Mail: michael.ulrich@datastore.ch