It is clear that cyber attacks are a reality of the 21st Century.
As such, leaders at all levels need to move from a reactive
approach of looking for what is familiar and already known to
hunting for new and unknown threats to their most valued
assets. It’s critical to have an in-depth understanding of why
“Security Analytics” are required, what they are, where they fit
in and how to get started. Relying on networking to identify
threats and the latest solutions to the threats that emerge isn’t
Why does my bank need Security Analytics?
Historically, a “castle wall” mentality has driven the approach to
security for many organizations. Defenders attempted to build
the perimeter of their networks into impenetrable walls, making
them as tall and thick as possible. The reality is that
however good the prevention measures are, a determined
attacker will find a way past them.
The information that banks collect on their IT systems to help them monitor for suspicious activity has dramatically improved. At the same time, the concern over data
breaches and other cyber-related incidents has increased. For
example, most security protection and prevention devices like
anti-virus, email monitoring solutions or Intrusion Detection
Systems generate logs (data) about what they are seeing on
the networks. Laptops and desktops can also generate logs about
what a user is doing. This is beneficial because it yields
the kind of information we can then use to hunt for threats.
It also creates the challenge of making sense of the data and
turning it into actionable intelligence that can be used to detect
[rather than react]
APPROACH WITH CYBER ANALYTICS