Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

LIGHTCYBER INTRODUCES NEW TOOLS FOR CORPORATE SECURITY ASSURANCE

LightCyber, a leading provider of Behavioural Attack Detection solutions, has announced new tools that equip enterprises to meet increasing Board demands for security accountability and compliance with internal and industry regulations, such as the General Data Protection Regulation (GDPR). LightCyber also introduced updated metrics from customer production systems and an online calculator so that prospective customers canquickly and easily assess current operational efficiency and the gains that they will receive from a LightCyber Magna deployment.

“Clearly traditional security infrastructure is failing to curtail network attacks leading to a data breach or damage to an organisation’s most critical assets and resources,” said Jason Matlof, executive vice president, LightCyber. “One dominant reason for the rising inability to find network attackers is the vast number of security alerts and the low level of accuracy for which security teams have to contend.Traditional enterprise security vendors have not properly armed security operators with the tools they need to accurately know whether or not an attacker is present on their network. Boards and executives will no longer accept this level of uncertainty, and are demanding more definitive confirmation of security assurance.”

Security Assurance

Boards, executives and other oversight groups are increasingly demanding definitive reports from their IT organisations that attests that the enterprise network is free from active attackers—either malicious insiders or targeted external attackers. Given the historical inaccuracy of traditional security system alerts, this type of definitive summary report was virtually impossible to generate for the average enterprise. The new Security Assurance report from LightCyber Magna demonstrates the summary status of attack behaviour, and can demonstrate when all anomalous attack behaviours are resolved or remediated. The report serves as an important component for security accountability in an age when most attacks can only be detected after the damage is done.

Wasted Time and Wild Goose Chases

One reason for security operators’ inability to definitely attest to the organisational security posture using traditional security tools is the vast number of alerts with a low level of accuracy produced by those systems. A survey conducted by the Ponemon Institute showed that 68% of security operations teams spend a significant amount of time dealing with false positive alerts with more than half their time wasted on alerts that are not productive.This type of gross system inaccuracy drives great inefficiencies that prevent security organisations from effectively assuring their organisational leadership of their security.

The new LightCyber Security Operations Centre (SOC)OPEX Calculator helps quantify the accuracy and efficiency of security tools and their impact on security teams. According to the Gartner Market Guide for User and Entity Behaviour Analytics, published on 8 December 2016,“Some large Gartner clients receive from 500,000 to one million alerts a day across multiple security monitoring systems, such as SIEM and DLP.”

The LightCyber SOC OPEX Calculator is based upon accuracy and efficiency metrics data aggregated and anonymised from customer production deployments. In the period from July 1, 2016 to December 31, 2016, LightCyber customers achieved a mean efficiency of 0.9 alertsper 1,000 endpoints per day. For example, a company with 5,000 endpoints would expect to receive 4.5total alerts per day from LightCyber Magna. The mean accuracy reported for LightCyber customers is 99% for confirmed alerts and 61% percent for all alerts, which is a measure of the alerts usefulness according to user classification.

“Why should security professionals continue to accept hundreds or thousands of alerts per hour or day from their security systems when the vast majority of alerts lack any real value?” said Jim Broome, president of Direct Defense and security assessment expert. “Many of our clients are buried in far more security alerts than they can possibly review.” One LightCyber customer claimed that they had been receiving about 20,000 alerts per week just from their IPS. The Chief Information Security Officer (CISO) quipped, “Having a thousand alerts is nearly the same as getting a million—the number is too big to investigate a meaningful fraction of them.”

The Security Assurance report is available now, and the SOC OPEX Calculator is now live on the LightCyber website and freely available for anyone to use.  Take the SOC OPEX assessment using the online calculator today.

LC-Security-Assurance-Infographic