In late April, Computer Business Review took the Dining Club to the United Arab Emirates, hosting a cyber security-focused event in the luxurious surroundings of Dubai’s Atlantis: The Palm hotel.
The event, presented in association with LogRhythm, was attended by two dozen senior IT and security decision makers drawn from a wide range of industries from across the UAE.
The evening’s discussion focused on the nature of internal and external attacks, before focusing on how to detect and combat those threats. In 2018, risks come not from one source but a range of potential actors. Today, account takeover, insider threats, and privilege abuse and misuse can all result in data theft, fraud, sabotage and other forms of dangerous activity.
Asked to identify the one concern, above all others, that was occupying the attentions of their organisation, attendees offered a wide range of issues. These included the increased complexity of the threats, a lack of resources to respond to attacks, the impact of cloud computing, the potential impact of forthcoming technologies such as blockchain, increased compliance demands, and a lack of visibility of emerging threats.
Picking up on that final theme, one attendee summed up the challenge as “not knowing what we don’t know”.
Presenting for LogRhthym, Vice President and Managing Director of Europe, the Middle East and Africa (EMEA) Ross Brewer noted how it had become increasing difficult to distinguish between normal and abnormal behaviour. He said it was essential to “stop looking a person’s face” given that 70 per cent of breaches involve credential takeovers. Instead, it was important to look through a more sophisticated lens at behaviour and to establish baseline monitoring of networks and endpoints.
Brewer said LogRhythm used two metrics when providing a service to its customers. Its aim is to reduce meantime to detecting a threat and to reduce meantime to responding to threats.
Ultimately when it comes to behavioural analysis, organisations need to understand how to distinguish between anomalous activity that is benign and anomalous activity that is nefarious.
‘From insider attack to account takeover: how to detect and combat threats to your business’, a CBR Dining Club event in association with LogRhythm, took place at the Dubai’s Atlantis: The Palm hotel on 23 April 2018.
This article is from the CBROnline archive: some formatting and images may not be present.