Technological, demographic, economic and geopolitical forces are constantly shifting, creating a fluid cybersecurity environment. Cyber criminals are designing and implementing tailored malware, advanced persistent threats, massive Distributed Denial of Service (DDoS) attacks and an endless variety of other techniques to disrupt organizations of all types, across all industries. Faced with these challenges, security teams are developing new approaches to safeguard their organizations from a variety of increasingly sophisticated attackers.
In most attack scenarios, cyber criminals follow a standardized approach to infiltrate a target, including research, preparation, deployment and control. This is also known as the “attack chain.” Each step has a distinct signature, if you know where to find it. With enough visibility into the extended network and robust intelligence, an attack can often be detected and stopped before it inflicts much damage. Intelligence comes from a variety of sources, including native intelligence from within the organization, commercially available information and ongoing analysis of user behavior. This combined intelligence enables the most effective detection of threats. Using the network to gather intelligence allows cyber defenders to gain a better understanding of what their adversaries are doing, and how to prevent it.