Think about this statement: “Half of the people you know are below average.” In simple terms, it means that statistically most of the people you know are considered to have average intelligence, or just below or above the line. Does this mean they are dangerous? Does it mean you should reconsider your friendship? Let’s not jump to conclusions just yet.
With the RSA Conference 2017 kicking off next week, the entire Preempt team has been excitedly preparing for it. We are looking forward to participating with the who’s who of security vendors and meeting with top security professionals onsite.
This is part 4 of an ongoing series of posts that answer “A Closer Look Inside UEBA: Top 5 FAQs.” In our last post in the series we talked about the benefits of UEBA solutions. This week let’s take a look at the question that is on the mind of every budget-minded and busy security professional:
This week at the Gartner Symposium and ITxpo, David Cearley, Gartner Vice President and Fellow, discussed the Top 10 Technology Trends of 2017 and their impact on IT and operations over the next 5 years. With cyber attacks showing no sign of waning anytime soon, it’s no surprise that the macro trend of an Adaptive Security Architecture is highlighted again this year. The report also focused more on the importance of User and Entity Behavior Analytics (UEBA) as a component of this architecture.
In our Part 1 Series we talked about User and Entity Behavior Analytics (UEBA) and its benefits for better detecting possible breaches and insider threats through user and entity behavior and risk scoring. Now let’s talk about the differences between traditional UEBA vs the newer UEBA solution, the Behavioral Firewall, which integrates adaptive responses to prevent threats.
Enterprises define security policies that match their business objectives. By setting security policy rules, an organization can better enable the business to achieve its goals while protecting itself from advanced threats. These policies work reasonably well, even allowing for the well-publicized breaches and insider threats. Without policies or a set of tools in place for such eventualities, it will be very difficult for the business to operate effectively when under attack.
I believe detection and prevention are the most chewed-over words in the security market. In the last 20 years, I have seen the term virus evolve to worm and horse (trojan). Then it left the living creature world and moved to the “Bond” world by becoming spyware, malware, ransomware and even getting recognized by names, such as Zeus, Cryptolocker and more.
And yet the basic terms of detection and prevention have remained steady. No matter the triggers, no matter the technology or the company. Sometimes you’ll hear detection and prevention used together and sometimes separately depending on the solution’s capabilities. What changes with these terms lies underneath as the threats to organizations continue to proliferate.
“Being the founder of a startup is a very unnatural thing to do.”
Those were the words of a board member from my previous company. Most people would rather work in a more established company solving problems they deem challenging, without having to worry about customers, finances, employees, etc.