Ever heard of managed detection and response? You may need it in 2018
Data breaches are increasing at an alarming rate; they are now inevitable
In 2018, your network will most likely be breached. In previous years, we would not be able to say this. Network perimeters were limited and securable. Attacks were relatively uniform and predictable. And attack volume was low enough to be stopped with heavy investment in legacy security information and event management (SIEM) systems.
Those days are gone. The enterprise now runs on cloud, mobile and the Internet of Things. By 2020, there will be 50 billion connected devices. 99 per cent of these computing devices are vulnerable to cyberattacks. The enterprise security perimeter has dissolved.
At the same time, attackers have learned to take advantage of the new, complex and permeable enterprise. They take advantage of your moments of peak network traffic to hide their attacks. They have evolved fast, sophisticated, multi-channel attacks. They now deploy complex unknown attack patterns - and the identity of the attackers themselves often remains unknown until it's far too late.
The result: data breaches are increasing at an alarming rate. They are now inevitable.
Attackers know this. They have let go of "smash and grab" approaches to cybercrime, and now focus on seeding your systems with advanced persistent threats that take months to secretly find their target and inflict their harm. They now assume they will breach your systems, and be able to hide in your network as long as it takes to complete their mission.
And if you hold onto legacy approaches to cybersecurity in 2018, your attackers will be right to make this assumption.
Fighting back in 2018 with MDR
Organisations and cybersecurity experts are waking to this reality, and shifting their focus away from prevention, and towards managed detection and response services. IBM predicts 2018 will be the first year a major company will respond appropriately after suffering a significant breach. At the same time, Gartner argues detection and response capabilities will "drive a majority of security market growth" through 2022.
MDR services assume a breach will happen, and answers the question, "how do we act quickly to prevent a breach from becoming catastrophic?" MDR services continuously monitor your systems to find breaches in real-time. They then quickly shift to respond in near real-time. While MDR services do focus on what happens after a breach occurs, they do not ignore threat prevention entirely. A mature MDR program provides full left-to-right of the hack protection, including the following services:
. Threat anticipation: Continuously reviews the global threat landscape to identify, and protect your systems from most likely threats.
. Threat hunting: Deploys data science and machine learning models to proactively uncover known and unknown threats in your networks.
. Security monitoring: Applies real-time rules to logs and security events to detect known attacks and compliance violations.
. Incident analysis: Triages alerts to focus on evaluating your most relevant threats, and queuing up response in the case of security incidents.
. Incident response: Executes rapid, coordinated containment, eradication, and recovery from major incidents.
. Breach management: Leverages human experts and machine learning to derive lessons from the breach, and strengthen your system from similar future attacks.
Making MDR work for your organisation in 2018
The transition to MDR-led security services in 2018 faces certain challenges. In 2018, much of this challenge will come from contending with stringent new privacy and data protection regulations (such as the European Union's General Data Protection Regulation) and selecting the right cybersecurity provider.
The MDR service provider market will appear confusing, as traditional MSSPs attempt to adopt MDR-like services (or, perhaps, to simply adopt MDR branding without fundamentally changing their service offerings). However, it's imperative to cut through this confusion. Select an MDR-first provider who has dedicated years of investment in anomaly investigation, forensic capabilities and response playbooks.
Challenging or not, MDR adoption is no longer optional. The average cost of a single data breach will exceed $150 million by 2020, and by the end of 2018, cybercrime damages are projected to exceed $9 trillion globally. Will you join these statistics in 2018? Or will you protect yourself with MDR
The author is executive vice-president for the Americas and CMO at Paladion. Views expressed are his own and do not reflect the newspaper's policies.
Plug and Play is one of the world’s most active venture capital ... READ MORE
Market expected to stabilise and reach $548.4B at a CAGR of 18%... READ MORE
Security researchers say system could be misused by governments... READ MORE
The feature, called View Once, will let photos and videos disappear... READ MORE
Part of the new tech that will be rolled out is a multi-target... READ MORE
86% residents plan international vacations as Covid curbs ease, a... READ MORE
Sharjah-based airline rolls out special one-way fares to 11 Indian... READ MORE
Get ready to be starstruck: Andrea Bocelli, Ellie Goulding and... READ MORE