Earlier this month we hosted a Breakfast Briefing exploring how new technologies are making our lives easier, but also creating opportunities for malicious intent and user error. Blockchain, biometrics and cryptography are just some of the exciting advances we’ve made in recent years – technology that was thought of as sci-fi not so long ago. However, not all cyber security tools have developed at the same rate, leaving businesses, organisations, governments and individuals vulnerable to threats.

Here’s an overview of the event providing some insight and a reminder of what was discussed.

The Promise Of Ai, Ml And Data Science – Cyglass

Our first speaker was Matthew McKenna, VP International Operations at Cyglass. He spoke about the excitement around artificial intelligence, machine learning and data science as the solution to all our cyber security woes. But first there were some myths to dispel such as how technology like machine learning isn’t really ‘new’, and that these intelligent solutions are not a magic bullet.

McKenna posed an interesting question, “how to find the needle in the haystack when you don’t know what the needle or the hay look like?” That said, although AI and machine learning don’t provide all the answers, they do have significant potential, particularly when used holistically.

That means understanding what ‘normal’ looks like by applying learning to multiple layers of the stack. Consequently the technology gets the big picture on the relationship between activity, users and assets, and starts to understand what the needle and the hay could look like.

Multi-Vector Container Firewall – NeuVector

The second presentation came from Dieter Reuter, Chief Solutions Architect at NeuVector. He provided an insight into container attacks and how traditional security solutions are often blind to these types of attack because of lack of visibility.

Reuter also spoke about the challenges of securing containers that are constantly changing, and the increase in internal East-West traffic. NeuVector’s solution – Multi-Vector Container Firewall – detects violations of normal behaviour, application threats, vulnerabilities and privileged escalations, using a container itself. The NeuVector technology is based on behavioural learning, using a whitelist policy that enforces rules in real time.

Automated Detection And Response – Fidelis

Our final speaker was Andrew Bushby from Fidelis. He opened with some startling statistics about the ability of company security teams to respond to security alerts:

  • 83% of companies surveyed can’t even triage HALF of their security alerts each day
  • 62% can’t even triage aQUARTER of their daily alerts

With the volume of data that the average organisation processes and stores across the IT estate, it is no surprise the SOC analysts can only investigate a percentage of those security alerts.

Andrew spoke about the solution of automated detection and response (ADR) technology to handle security alerts. However, to maximise this technology many company security operations need to be in better shape. The ideal is a unified security stack, contextual perspective across the entire environment and therefore the ability to detect and respond threats. This is where intelligence and the need for visibility comes in again. With better visibility on the entire network and data assets, and intelligence from analysts, machine learning and IOC feeds, automated detection and response becomes a possibility.

Andrew then shared a case study with Electric Power, demonstrating how The Fidelis ElevateTMPlatform – the ADR solution -works in practice.

Our Breakfast Briefings are always an enlightening session with great contributions for our speakers and guests. If this insight into our Next Gen IT Security briefing has piqued your interest, you can register and find details of our next event here.