Category Archives: Security Intelligence & Analytics

Zero Trust: Confidently Secure Your Business to Grow Fearlessly

Posted on by

What would your business be able to do if security risks were no longer a concern?  What sort of products would you build for your customers? What types of experiences could you enable for your employees to be more effective? What would you change to power your business forward? As the general manager for IBM […]

The post Zero Trust: Confidently Secure Your Business to Grow Fearlessly appeared first on Security Intelligence.

Continue reading Zero Trust: Confidently Secure Your Business to Grow Fearlessly

Don’t Make Headlines Over an Insider Incident: Lessons From the Frontlines

Posted on by

On the path to becoming more cyber secure, organizations across the globe spend an estimated $60 billion per year to defend their assets, recruit talent and work to prevent and respond to cyberattacks. Moreover, security spending is expected to rise another 10% in 2021. But while much of an organization’s security focus and spending is […]

The post Don’t Make Headlines Over an Insider Incident: Lessons From the Frontlines appeared first on Security Intelligence.

Continue reading Don’t Make Headlines Over an Insider Incident: Lessons From the Frontlines

Alert Fatigue: How AI Can Help You Address Your Most Important Alerts

Posted on by

When someone says the word hurricane, I hear the shrill weather-alert warning sound in my head. Having grown up in Florida and now living in North Carolina, I’ve been through many hurricanes and have the routine down — stock up on supplies and hurricane snacks, bring in the patio furniture, fill up the cars with […]

The post Alert Fatigue: How AI Can Help You Address Your Most Important Alerts appeared first on Security Intelligence.

Continue reading Alert Fatigue: How AI Can Help You Address Your Most Important Alerts

The Story of FakeChat

Posted on by

Starting late December 2020, IBM Trusteer’s mobile threat research lab discovered and began closely tracking a new Android banking malware that appeared to be mostly targeting users in Spain. Per our analysis, the purpose of the malware is to steal credit card numbers, bank account credentials and other private information from its victims. Once a […]

The post The Story of FakeChat appeared first on Security Intelligence.

Continue reading The Story of FakeChat

Why You Need Attack Surface Management (And How To Achieve It)

Posted on by

Attack surface management (ASM) has rightly become a major priority for business leaders and digital defenders alike. The number of connected things is growing, and that means attackers have far more entryways into your networks and systems. With ASM, you can respond proactively to threats to stop them before they start. What is ASM?  So, […]

The post Why You Need Attack Surface Management (And How To Achieve It) appeared first on Security Intelligence.

Continue reading Why You Need Attack Surface Management (And How To Achieve It)

Cloud Native Tools Series Part 3: Get the Right Tools

Posted on by

As we near the end of our journey into cloud native tools, let’s take a look at visibility. In a previous post, I discussed how business entities need to understand their end of the Amazon Web Services (AWS) shared security model to uphold their cloud defense duties. This knowledge can help them safeguard their digital […]

The post Cloud Native Tools Series Part 3: Get the Right Tools appeared first on Security Intelligence.

Continue reading Cloud Native Tools Series Part 3: Get the Right Tools

What Is SIEM and How Does it Work? The Past, Present and Future

Posted on by

Security information and event management (SIEM) solutions provide organizations centralized visibility into their IT and even sometimes OT environments. At a high level, a SIEM turns data into actionable insights by: Ingesting a vast amount of event data from across the enterprise, including on-premise and cloud-based environments; Applying real-time analytics to aggregate related security events […]

The post What Is SIEM and How Does it Work? The Past, Present and Future appeared first on Security Intelligence.

Continue reading What Is SIEM and How Does it Work? The Past, Present and Future

‘Inbox Zero’ Your Threat Reports: How to Combat Security Alert Fatigue

Posted on by

At best, a new cybersecurity alert should trigger immediate action. But we all know in practice that work is not always clear cut. A new alert can find itself as just the latest un-addressed number in the inbox. In an inbox-zero case, the latest new alert is the most urgent task. But in a backed-up, […]

The post ‘Inbox Zero’ Your Threat Reports: How to Combat Security Alert Fatigue appeared first on Security Intelligence.

Continue reading ‘Inbox Zero’ Your Threat Reports: How to Combat Security Alert Fatigue

How AI in Cybersecurity Addresses Challenges Faced by Today’s SOC Analysts

Posted on by

Today’s security operations centers (SOC) have to manage data, tools and teams dispersed across the organization, making threat detection and teamwork difficult. There are many factors driving complex security work. Many people now work from home with coworkers in far-away places. The cost and maintenance of legacy tools and the migration to cloud also make […]

The post How AI in Cybersecurity Addresses Challenges Faced by Today’s SOC Analysts appeared first on Security Intelligence.

Continue reading How AI in Cybersecurity Addresses Challenges Faced by Today’s SOC Analysts

Combating Sleeper Threats With MTTD

Posted on by

During the SolarWinds Orion supply chain compromise, threat actors lurked in the victim’s network for more than a year. Discovered by FireEye in December 2020, the earliest traces of a modified SolarWinds Orion go back as early as October 2019. Although these early versions did not contain the malicious backdoor (this was added in March […]

The post Combating Sleeper Threats With MTTD appeared first on Security Intelligence.

Continue reading Combating Sleeper Threats With MTTD