Today we announce the publication of our Special Report: Reduce Risk with Real-time Interactive Remediation of Network Traffic. It contains a discussion and explanation of the emerging capabilities of technologies to enable real-time decisions based on live / streaming network traffic data to reduce cybersecurity and operational risk.
Cybersecurity interactive remediation and network optimization
In a world where cyber criminals are utilizing increasingly sophisticated methods and where vulnerabilities and anomalies can be continuously exploited and propagated at machine speeds, it is of paramount importance that threats be identified and remediated in real-time.
To do so requires continuous, real-time situational awareness derived from timely and reliable information. Networks are one such source of ground truth, and we are vocal proponents of exploiting the value of continuous, real-time network traffic inspection to best inform risk-based and operational decisions.
Improvements are beginning, more to do
The conventional wisdom of leveraging log analysis, sampled data and wading through alert queues from point solutions characterizes how organizations evaluate signals within their data to make decisions “as quickly as possible,” today. This has resulted in the current, but improving, status-quo of Mean Time To Detect (MTTD) and Mean Time To Respond (MTTR) expectations around cyber incidents or network performance issues. According to the Fireeye/Mandiant M-Trends 2019 report time to detect or “dwell time” is down to 78 days in 2018 (with variations by geographic region), down from 101 days in 20171. Likewise, the 2018 Cost of a Data Breach Study found a mean time to identify of 197 days and mean time to contain of 69 days2.
What we propose are significant improvements in these capabilities resulting from a new and more integrated approach. New technologies and emerging integrated processes now enable organizations to better leverage live network data to gain deeper, more high-quality insights, in real-time at wire-speeds, to better understand and manage the data transiting networks. These emerging capabilities can not only serve to enrich existing analytics and workflow processes but then also help to identify and remediate network traffic of interest, should it be determined to be malicious or sub-optimal performance, by taking action to process, shunt/filter or terminate the traffic with the goal of further reducing MTTD and MTTR and overall risk.
Download the Special Report: Reduce Risk with Real-Time Interactive Remediation of Network Traffic.
For cybersecurity and network operations teams wanting to learn how to leverage real-time network traffic to reduce risk please contact us.
1. 2019 M-Trends Report, Fireeye Mandiant, March 2019 - https://content.fireeye.com/m-trends
2. 2018 Cost of a Data Breach Study: Global Overview, IBM & Ponemon Institute, July 2018 - https://www.ibm.com/security/data-breach