IT Security Needs Less Wall and More Monitoring and Detection
- TYPE: Workshop DATE: May 10, 2016 TIME: 09:00 - 13:00
Traditional approaches to IT security are in crisis. At one end of the spectrum they over-control users and constrain business agility. At the other end of the spectrum they fail to prevent data breaches despite ever increasing investments in people and technology. Something is wrong with traditional approaches. The defensive “default-deny” cycle of security where the goal is to prevent access and defend assets can no longer deal with the requirements of megatrends in technology and business.
So IT Security is in crisis. Orthodox solutions are just not built to protect today’s modern business. New ways to protect the organization are required; ones that do not rely on previously knowing threats, but instead operate on the basis of trusting users to do their job, but verify that they have not been compromised, or that they are not abusing that trust.
Businesses can protect against the majority of known threats using current IT security approaches such as static rules and controls. But this has approach has a huge overhead in complex IT situations, and requires building of ever-bigger walls. Even then, protecting against unknown threats is much harder and requires a different approach. Unknown threats may come from APTs, insider access or zero-day attacks. By using machine-learning and real-time understanding of normal user behavior, rather than access controls and pre-defined patterns, it can protect business by identifying and responding to attackers before they can do damage.
Using machine-learning algorithms it maintains a digital footprint of normal user and system behavior. This footprint is then used in real-time to analyze user activity and identify potential threats when a user acts out of context. With security breaches time is critical. The earlier a potential breach can be detected, the sooner it can be resolved and the damage minimized. Data breaches can be prevented.
During this workshop Balabit demo an advanced approach of using user monitoring and behavior analytics together to highlight anomalies within an IT environment.
Stefan-George-Ring 29 • 81929 München • Germany
Phone: +49 (0)89 9308 6477
Fax: +49 (0)89 9308 6467