In its 2017 State of Malware Report, Malwarebytes Labs recorded a 267 percent increase in ransomware between January 2016 and November 2016, with over 400 different variants in total. The report noted that while malware authors mostly relied on ransomware to make the bulk of their revenues, there was an increase in ad fraud as well. Botnets and mobile malware also continue to expand and evolve. The report predicts that until IoT devices become secure out of the box, botnets will get even bigger and pose an even greater threat to the internet – and any company connected to it.
Financial services organizations are facing a relentless and determined cyber assault. Many recent factors have converged to create greater complexity and threat opportunity in the network, undermining the effectiveness of security prevention solutions. Bring Your Own Device (BYOD) can act as a Trojan horse to gain access to the network, and employees or contractors can knowingly or unwittingly mishandle data in a way that results in a breach. Cloud computing also provides new opportunities for attackers, who are constantly looking for novel ways to breach the wall by exploiting vulnerabilities.
One of those opportunities is, oddly enough, a non-malware attack. In this situation no malware is downloaded to the user’s computer. Instead, a malicious script is activated that exploits vulnerabilities in Flash, web browsers and other existing tools on the computer. As many of the security prevention solutions installed are focused on preventing malware download, this attack nullifies the effectiveness of a large part of the security architecture.
While security prevention solutions are still necessary, today’s threats require an additional layer of advanced threat detection, which can be deployed based on user and network behavior analysis. These internal advanced threat solutions rely on continuous monitoring of network activity to first establish a profile of normal network behavior and then compare real-time activity to this profile to detect anomalous behavior. When used in conjunction with the information from other security solutions, they can provide the first indication that a breach has taken place.
Advanced threat detection, because it does not rely on detecting file downloads, is particularly effective in combating non-malware attacks. Instead, it detects activities that are out of the ordinary, giving the security team the basis for further investigation.
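The profile-then-compare approach described above can be sketched as follows. This is an added example, not code from the article or from any product it refers to; the flow-record layout, host addresses, byte counts and the threshold of 6.0 are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed flow records: (hour_index, src_host, dst_host, bytes_out).
BASELINE = [(h, "10.0.0.5", "10.0.1.10", b)
            for h, b in enumerate([1000, 1200, 900, 1100, 1050, 950])]
BASELINE += [(h, "10.0.0.6", "10.0.1.20", b)
             for h, b in enumerate([5000, 5200, 4800, 5100, 4900, 5000])]
LIVE = [(6, "10.0.0.5", "10.0.1.10", 1000),
        (6, "10.0.0.5", "203.0.113.9", 40000),   # large transfer to an unseen peer
        (6, "10.0.0.6", "10.0.1.20", 5100)]

def build_profile(flows):
    """Per-host baseline: median and MAD of hourly bytes out, plus known peers."""
    hourly = defaultdict(lambda: defaultdict(int))
    peers = defaultdict(set)
    for hour, src, dst, nbytes in flows:
        hourly[src][hour] += nbytes
        peers[src].add(dst)
    profile = {}
    for host, per_hour in hourly.items():
        vals = list(per_hour.values())
        med = median(vals)
        # Median absolute deviation is robust to a few noisy hours in the baseline.
        mad = median(abs(v - med) for v in vals) or 1.0
        profile[host] = {"median": med, "mad": mad, "peers": peers[host]}
    return profile

def score_window(profile, flows, threshold=6.0):
    """Compare one live window against the profile and return the findings."""
    total, dsts = defaultdict(int), defaultdict(set)
    for _, src, dst, nbytes in flows:
        total[src] += nbytes
        dsts[src].add(dst)
    findings = []
    for host in sorted(total):
        base = profile.get(host)
        if base is None:
            findings.append((host, "no-baseline", None))
            continue
        # Robust z-score: 0.6745 scales MAD to a standard deviation for normal data.
        z = 0.6745 * (total[host] - base["median"]) / base["mad"]
        if z > threshold:
            findings.append((host, "volume", round(z, 1)))
        new_peers = sorted(dsts[host] - base["peers"])
        if new_peers:
            findings.append((host, "new-peer", new_peers))
    return findings
```

Neither finding depends on a file being downloaded, which is why this kind of check still fires on the script-based attacks described earlier.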
To analyze network behavior, the security team must be able to analyze all network traffic in real time. This requires packet capture solutions that can deliver each and every packet for analysis without packet loss, even at speeds up to 100G.
Network Recording Capability
When a breach is detected, the immediate concern is to determine the extent of the breach and the company’s exposure. The CISO or CIO will expect the security team to be able to report exactly what happened, when it happened and why it happened within a matter of hours.
The catch is that today’s security solutions are usually designed to prevent and detect threats in real time or at least near-real-time. The ability to reconstruct the anatomy of an attack in detail is often impossible, especially if the attack took place up to six months ago. There is therefore a strong case to be made for establishing the capability to record network traffic in a way that will allow the reconstruction of a breach even months after the fact.
The benefit of having a packet capture-to-disk or network recording capability is twofold. It allows every packet on the network to be recorded at speeds up to 100 Gbps and can also provide multiple security analysis applications access to the same data. This allows deep-dive analysis of reliable network data on demand to support near-real-time forensic analysis or analysis of breaches several months in the past.
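A retrospective query over recorded traffic might look like the following. This is an added example, not part of the original article; it assumes the recording is stored in the classic little-endian pcap format with Ethernet framing, and the capture contents, addresses and timestamps are constructed.

```python
import socket
import struct

def make_capture(packets):
    """Build a constructed pcap byte string from (ts, src, dst, payload) tuples."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # global header
    for ts, src, dst, payload in packets:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + payload  # zeroed MACs, IPv4 ethertype
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def timeline(capture, host, start, end):
    """Return (ts, src, dst, ip_total_len) for IPv4 packets involving host in [start, end]."""
    (magic,) = struct.unpack_from("<I", capture, 0)
    if magic != 0xA1B2C3D4:
        raise ValueError("not a little-endian microsecond pcap")
    events, off = [], 24
    while off + 16 <= len(capture):
        ts, _usec, incl, _orig = struct.unpack_from("<IIII", capture, off)
        frame = capture[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated record or not IPv4
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        if start <= ts <= end and host in (src, dst):
            events.append((ts, src, dst, struct.unpack_from("!H", frame, 16)[0]))
    return events

# Constructed recording: four packets, one to an external address.
CAPTURE = make_capture([
    (1700000000, "10.0.0.5", "10.0.1.10", b"a" * 10),
    (1700000100, "10.0.0.6", "10.0.1.20", b"b" * 5),
    (1700000200, "10.0.0.5", "203.0.113.9", b"c" * 100),
    (1700009999, "10.0.0.5", "10.0.1.10", b"d"),
])
```

Because the query runs against stored packets rather than live alerts, the same call answers "what did this host talk to, and when" for any window the recording still covers.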
From Preventive to Adaptive
The evolving and expanding threat landscape calls for a whole new mindset regarding cybersecurity. In “Designing an Adaptive Security Architecture for Protection from Advanced Attacks,” Gartner elaborated on the concept of an adaptive security architecture first proposed in 2014. In the analysis, Gartner concluded that there is an over-reliance on security prevention solutions, which are insufficient to protect against motivated, advanced attackers. The alternative proposed was an adaptive security architecture based on the following critical capabilities:
- Preventive – to stop attacks
- Detective – to find attacks that have evaded preventive capabilities
- Predictive – to learn from attacks and industry intelligence to improve capabilities and proactively predict potential new attacks
- Retrospective – to react to attacks and perform forensic analysis
The ability to perform continuous monitoring and analytics, including network monitoring and analysis, underpins this adaptive security architecture framework.
Learning to Adapt
The infrastructure to support an adaptive security framework comprises advanced threat detection solutions, next-generation SIEM solutions and packet capture capabilities.
Using this set of tools in concert, organizations can detect zero-day threats, prevent known attacks and detect anomalous behavior that can indicate breaches that have circumvented defenses. The alerts and information from each solution are correlated and condensed by solutions like security information and event management (SIEM) systems, which enable security teams to quickly focus their attention on the most important threats.
Visibility is critical today, in light of the increasing complexity of both the network and the threats against it. A comprehensive view is possible if security prevention and detection solutions work together. A key component of this approach is full packet capture for near-real-time forensic analysis and post-breach analysis. Together, these capabilities create past and present visibility for truly adaptive security.