It’s hardly a secret that the increasing use of mobile devices has vastly complicated the lives of IT and security leaders. It’s bad enough that the traditionally defined security perimeter is leaky as a sieve, but CSOs must now contend with growing numbers of devices that reside outside that perimeter and can connect to the enterprise network or cloud at will.
Enterprises have invested in cyber-defense tools such as antivirus, firewalls, and more. It’s not enough. What enterprises need are a combination of visibility, intelligence, and proactive security in a seamless, integrated architecture.
A recent study from Dimensional Research indicates that almost two-thirds of enterprise security professionals doubt their organizations could prevent a mobile cyber-attack. A stunning 94% of those surveyed expect mobile attacks to increase, and 79% say it is growing more difficult to protect mobiles devices.
Mobile Dependency
Many enterprises are now in a mobile-first world, heavily dependent on the mobile devices in use by their employees, while accessing assets hosted by third parties such as Salesforce.
But it’s not just the growing numbers of smartphones, tablets, and laptops that enterprises must confront. As SearchCIO points out in a recent report, “Protecting the mobile enterprise today means dealing with augmented reality and virtual reality devices and wearables, from smart watches to industry-specific technologies (i.e., connected medical monitors used in healthcare and smart glasses used in utilities).” And that is just the tip of the Internet of Things (IoT) iceberg or an increasingly connected enterprise.
With that many moving parts, it’s virtually certain that enterprises are going to get hacked. Not only were traditional tools constructed to protect a physical perimeter that in the main no longer exists, but it turns out those tools aren’t designed for the planned, targeted attacks that are making today’s headlines.
“Threats are getting more advanced, more insidious, and more expensive, and they will doubtlessly continue to do so—in order to combat this, businesses really do have to be secure from the edge, to the core, and up into the cloud,” technology analyst Patrick Moorhead writes in Forbes.
Rising to the Challenge
Many enterprises are operating under the pretense that security information and event management (SIEM) solutions provide the last line of defense through the constant monitoring and analysis of the alerts produced by network devices and security software. But these solutions don’t scale very well in a world of mobile and cloud and can produce “alarm fatigue” as staff respond to non-threatening incidental events.
Don’t lose hope, though. Help is on the way.
“We are in the midst of an artificial intelligence security revolution,” says Dimitrios Pavlakis, industry analyst at ABI Research. According to ABI, “User and Entity Behavioral Analytics (UEBA) along with Deep Learning algorithm designs are emerging as the two most prominent technologies in cybersecurity offerings.”
UEBA, writes Gartner’s Anton Chuvakin, “offers profiling and anomaly detection based on a range of analytics approaches, usually using a combination of basic analytics methods (e.g., rules that leverage signatures, pattern matching and simple statistics) and advanced analytics (e.g., supervised and unsupervised machine learning).”
UEBA complements SIEM’s ability to monitor what is going on by adding context and insight into the who, how, and why of that activity. It is the realization of the Active Cyber Defense (ACD) goals of “sensing, sense making, decision making, and action” that are crucial for an effective security architecture in a mobile-first world.
Learn More
Watch the video to learn how Aruba Introspect behavioral analytics solution accelerates the exposure of cyber threats and efficiently prioritizes and investigates those that really matter, so you can proactively respond before the damage is done.
Deep dive into Aruba IntroSpect.