19 Dec 16. USAF, industry go on “offense” with cybersecurity.
The Air Force and private industry are refining new cyber techniques designed to anticipate and thwart enemy attacks before they happen. IT management firm Robbins Gioia, a cyber security partner with the Air Force and other government entities, told Defense Systems about some cutting-edge methods currently used to examine code behind firewalls.
“We create an intelligence radar for upcoming threats” to allow them to detect and respond proactively, Andrew Robinson, CEO of Robbins Gioia, said in an interview.
These tactics are aimed at filtering through current systems to establish areas where cyber-attackers might seek to penetrate networks.
“Look behind the firewall and start to filter through current systems and determine where weaknesses in their code and structure exist,” Robinson explained.
Another element of this approach involves a thorough assessment of prior cyber-attacks on other government systems as a method of setting up a defense against them.
Robinson explained that, in some cases, porting data to different architecture, new blade servers or modernized firewalls can be part of the calculus for a so-called “active defense” posture.
The strategy is intended to leverage security data from multiple sources, including operating system logs, application logs, firewall log data, proxy logs, intrusion detection systems, host-based intrusion detection systems, identity management systems and dynamic malware execution environments, RG officials explained.
Robbins Gioia’s collaboration with the Air Force incorporates an approach called “cyber radar.” This is, as it sounds, a cyber-threat detection technique using a dashboard to assess risk and real-time vulnerability. RG’s efforts also include implementing Risk Management Framework guidance from the National Institute of Standards and Technology.
This is an important move, said Robinson, because security controls are no longer a one-size-fits-all compliance drill. Instead, the agencies can focus on identifying and prioritizing actual risk, based on mission impact, and tailor controls for each system.
Although Robbins Gioia did not cite specifics regarding various cyber techniques, their effort to identify and thwart would-be attackers is consistent with a common cyber-security tactic known as a “honey pot.”
“Honey Pot” cyber techniques generally involve luring potential malicious actors to a particular system where their actions can be more easily observed, RG officials said.
“The technique also helps protect key data stores since their activities are diverted and defenders can assess the best methods to intercept or block new attacks,” a company official told Defense Systems. (Source: Defense Systems)
19 Dec 16. Cyberbit, whose cybersecurity solutions protect the world’s most sensitive systems, today announced a new version of its SOC 3D automation and orchestration platform that increases productivity and effectiveness of the SOC and substantially reduces incident response times. The new SOC 3D platform integrates with all major SIEM and security solutions, automates SOC runbooks and workflows, and prioritizes incidents according to their business impact. SOC 3D increases a SOC team’s ability to manage and respond to the most critical threats facing the business and eliminate fatigue from the storm of excessive alerts.
According to the Ponemon Institute’s 2016 Cost of Data Breach Study, organizations recognize that the longer it takes to detect and contain a data breach, the more costly it becomes to resolve. SOC 3D reduces the time to identify and respond to these advanced threats, saving companies time and money. SOC 3D boosts the effectiveness of the enterprise SOC by maximizing existing investments and staff. The platform simplifies, automates and continuously optimizes response workflows, accelerates decision making, and prioritizes critical incidents via a single management console.