discover analyse educate

Cyber Security & Operational Analytics

       
discover. analyse. educate.

The key pillars of a comprehensive defence against the current and next generation of threats:
  • Discover, to gain visibility of your network, data usage patterns and abnormal behaviour.
  • Analyse, to find the needle in the cyber haystack, pinpointing any network data breach.
  • Educate your user community, which is found to be the weakest link, as cyber criminals focus their attacks here.


A Practical Approach to Cyber Security
Together with our partners we have developed a cohesive strategy to help you improve your IT effectiveness by improving your understanding of the data in your networks, delivering detailed analysis of the threats that exist and, perhaps most importantly, supporting your staff at the front line of cyber defence through comfortable online education.

Whether or not you already have cyber security measures in place, it is a valuable exercise to review these key pillars of defence and remedy any gaps you may find. Our approach is to consider each area using best of breed technology to address each in an optimal way.

Some of the key advantages:
  • Improve your security position across the board.
  • Improve troubleshooting turnaround time.
  • Automate regulatory processes including GDPR.
  • Improve efficiency in forensics investigations.
  • Gain visibility into the organisation.
  • Out-of-the-Box Reporting.
  • Easy-to-manage dashboards delivered in real time.
  • Powerful data analytics for ad hoc reporting.


discover: network visibility

Discovery is the first step in protecting your network: it gives you visibility of network access, data usage patterns and abnormal behaviour.

Achieve total visibility across your network

Ransomware and malicious insiders pose serious threats to the security of your data, as does a lack of visibility into access rights, data usage patterns and abnormal user behaviour. These vulnerabilities can be exploited by malware that is accidentally downloaded or brought onto the network.

To ensure your cyber defences are up to scratch, you need to have complete network visibility.

To implement a best practice approach to processes that facilitate improved visibility, key steps can include:
  • Audit trail - A complete record of audit data isn’t just necessary for compliance, it’s the first insight in the event of a breach or data loss incident.
  • Access control - Implementing selective and/or restrictive access to systems and data ensures that malicious or accidental insiders don’t have unnecessary access.
  • Privileged user management - The management of privileged accounts, including their provisioning and deprovisioning (along with permissions, authentication, etc.), can significantly reduce the potential for unauthorised applications to run and trigger security incidents.
  • Integrity monitoring - The validation of data and configuration integrity by comparing the current state to a known good baseline is another simple step in quickly identifying potential problems.
  • Account management - Ensure you have a process for issuing, removing, maintaining and configuring accounts and their privileges, including de‐commissioning ex‐employees and keeping admin or super‐account users up to date.

You can download our free whitepaper Compliance Demystified from www.matraxis.co.uk/dea-download. 


analyse: SIEM & NTSA

Now that you have visibility of activity across your network, the next essential step is to understand what is happening and analyse the data. But where do you start?

Thousands, or even millions, of logs can be pulled together, but it’s all about Actionable Intelligence – helping you make effective decisions quickly and efficiently. This is where a practical SIEM solution comes into play.

Pinpointing a data breach within your network is vital, which is why Gartner highlights user and entity behavioural analytics (UEBA) as one of the top 10 technologies that should be part of a security strategy, and SIEM remains at the heart of core cybersecurity strategy.
Here are some behaviour patterns and trends that could identify potential problems across your users, devices and data.
  • Abnormal authentication activities - such as out of hours attempts.
  • Shared accounts - multiple sources using a user’s login details.
  • Suspicious connection behaviour - such as attempts on closed ports.
  • Abnormal administrative behaviour - monitoring of inactive accounts.
  • Information theft - data exfiltration attempts and information leakage.
  • Vulnerability scanning and correlation - identify and act.
  • Statistical analysis - monitoring of key usage indicators.
  • Intrusion detection - using data from antivirus and anti‐malware applications.
  • System change activities - audit and policy configuration changes, etc.
Without a SIEM solution, a security analyst must trawl through millions of non‐comparable data items stored in “silos” for each hardware, software, and security source. So, for businesses to establish an effective cybersecurity program, a next‐gen SIEM solution is a must‐have.

educate: security awareness training

Cyber criminals are not only targeting your systems directly; they are actively attacking your staff.
Why? Because they are the weakest link, whether through a lack of awareness, curiosity or faith that the IT systems will protect them.

Phishing attacks are by no means complex; they simply take advantage of well‐known weaknesses and poor behaviour traits of human email recipients and computer users:
  • 30% of phishing emails which arrive in the inbox are opened by the recipient.
  • For each phishing email that is opened, 12% of people either click on an embedded link or download an attachment.

Estimates show that around a further 12% of people proceed to disclose the information requested (or perform the task requested) in a phishing email, with this figure rising significantly for more advanced forms of phishing attack such as spear phishing and CEO fraud.

It's time for a comprehensive approach to tackle the root cause in over 90% of security incidents: human error. Security Awareness Education (SAE) is one of the fastest growing areas of cyber security, helping you build a Human Firewall. Learn more in our Ultimate Guide to SAE.

For an insight into how your organisation can build best practice around security education, with the ability to include real-time engagement, and turn your greatest threat into the first line of defence, request a free trial today.
