Kayla Matthews explores how access to real-time data can strengthen an organisation’s cyber security efforts in the face of increasing attacks
Using real-time data to improve an organisation’s security posture is still in its early stages.
Many of the discussions surrounding cyber security mention how it must be more of a priority than ever. Attacks are getting increasingly sophisticated and severe, leaving organisations scrambling to repair the damage.
Some people also talk about how it takes businesses too long to notice cyber threats. That issue means that when they do find evidence of infiltrations, it often takes longer to fix things since hackers had a prolonged period in which to wreak havoc.
These issues have caused analysts to suggest that real-time data could address some of cyber security’s weak spots. Real-time data gets delivered to end-users immediately after collection. That characteristic alone means IT professionals could receive up-to-date insights about the security of a network or related topics, and promptly act on them.
What are the newest cyber attacks to look out for?
With cyber attacks constantly developing and getting sneakier, we look at some of the newest attacks that companies must look out for. Read here
Security professionals struggle to contain threats
One of the reasons why bringing real-time data to cyber security makes so much sense is that security experts find it hard to manage the threats they face. They don’t notice them within the timeframes set by CrowdStrike as best practices for cyber security specialists.
CrowdStrike, which offers cloud-based endpoint protection, recommends allowing only one minute to detect an intrusion, 10 minutes to investigate it and one hour to remediate the issue.
The company calls this the 1:10:60 rule, and it recognises the role in automated systems to aid in faster detection. If a system gathers real-time data, users can rest assured they are getting the most recent details about what’s happening within a network.
However, a November 2019 report published by CrowdStrike found that 95% of respondents fall short of meeting all the time standards of the 1:10:60 rule. This found that respondents take an average of 162 hours to detect and contain breaches. Furthermore, 80% of respondents said they were unable to stop attacks on their networks over the previous 12 months, and 44% cited slow detection as the cause.
If security teams have access to real-time data when needed, such visibility solves the problem of not detecting breaches quickly enough. Then, companies save time and money, since access to the network does not remain open to malicious parties for as long as it may once have.
Some cyber security maps display real-time data
Information delivered in a visual format is easier for many people to digest. That reality led to the rise of infographics and similar resources that aid viewers in seeing data in context and noticing things they may otherwise miss.
Many cyber security companies that offer real-time data solutions transfer their collected information onto maps that update as conditions change. Some of them show cyberattack occurrences by area, as well as their types. Others reveal the locations of servers used to conduct internet-based crimes.
The information shown on these maps could help cyber security professionals understand more about the issues. Also, since these are publicly accessible sources, people who have not worked with real-time data during their cyber security efforts may start to see its value by monitoring what these maps display.
Another helpful advantage of these real-time maps is that they may help executive decision-makers choose when and where to deploy better security solutions, mainly if they oversee companies with a national or international reach. Half of the cyber security battle relates to stopping attacks before they happen. Paying more attention to in-the-moment trends could help professionals do that.
Overcoming the data visualisation barrier and addressing the decline in AI
Data visualisation remains one of the biggest barriers to achieving business goals and the usage of AI and ML has decreased dramatically, according to the latest survey from Big Data LDN. But, what’s the reason? Read here
A real-time operating system may be required
Like real-time data systems, which make information available as soon as it comes in, a real-time operating system (RTOS) is for applications that must process information immediately without buffer delays. Processing occurs in a tenth of a second or even less time.
The military is a sector that commonly relies on RTOS technology, particularly because it offers several features that meet the needs of defence departments. For example, an RTOS can defend against malicious attacks by enforcing identification and authentication measures to keep unauthorised parties out. Moreover, an RTOS offers residual information protection so the content of a freed or allocated resource is unavailable to other processes.
Outside of the military, there is a growing interest in using an RTOS operating system for Internet of Things (IoT) gadgets. Companies and consumers alike are embracing them on a wide scale and are eager to see how the connected devices could enhance the ways they live or work.
Many RTOS providers are pre-certified by the regulatory bodies associated with IoT devices for safety-centric industries like medicine and automotive. This saves money for companies and increases peace of mind.
People who are interested in using an RTOS for an upcoming project, whether for cyber security reasons or otherwise, must conduct thorough research first. Fortunately, there are detailed lists of the most popular RTOS companies defining the marketplace in 2020. They can serve as starting points for informing someone’s plans.
AI in cyber security: predicting and quantifying the threat
Jonathan Pope, CEO and co-founder at UK cyber security company, Corax, explains how AI in cyber security can predict and quantify the threat. Read here
AI can give feedback based on real-time data
Sometimes, it’s not enough to merely collect real-time data for cyber security purposes. The professionals who rely on the information also appreciate if a system gives them appropriate feedback that can shape their future actions. Some companies include artificial intelligence in their real-time data solutions. The idea is that AI algorithms immediately analyse real-time data, and then recommend procedures for cyber security teams to follow.
Vectra Networks provides such a solution for customers. Once Texas A&M University implemented it, the institution saved $7 million in one year, plus cut threat investigation times down to a few minutes. It previously required several days to address those potential network risks.
According to a report from MarketsandMarkets, the sector associated with AI in cyber security will enjoy a 23.3% combined annual growth rate for the period from 2019-2026. Artificial intelligence, or any other technology that ramps up decision-making potential, will not replace human knowledge. Cyber security professionals still have to evaluate the recommendations a system makes after collecting real-time data.
However, the persistent skills shortage in the IT security field means that most security professionals welcome extra help in dealing with current and possible cyber threats. In a study published in 2019, 74% of those polled said the skills shortage affected them.
Moreover, the results indicated that 63% of companies could not provide adequate training for their cyber security workers.
AI alone will not conquer the stressors caused by the skills shortage. However, if organisations choose to rely on real-time data to beef up their cyber security operations, it could reduce the chances that overtaxed IT security teams miss threats or do not correctly prioritise them.
Cyber security best practice: Definition, diversity, training, responsibility and technology
As part of Information Age’s Cyber Security Month, we look at cyber security best practice — everything from defining it to the importance of training. Read here
Real-time data will strengthen cyber security efforts
The options for using real-time data to improve cyber security efforts are still in the relatively early stages. However, there’s no doubt that security practitioners understand the need to deal with threats sooner — real-time data collection enables achieving that goal. Threats get mitigated sooner and teams feel more confident about how equipped they are to keep new cyber security risks at bay.