Intelligent CISO Issue 35 | Page 75

biggest difference between then and now is the scale of everything involved. Over time, gigabytes of data have turned into terabytes and soon they’ll become petabytes; the same process can be seen in data transfer speeds and in ‘Moore’s law’ in data processing power speeds. Elsewhere, changing business habits have seen more employees work remotely, spreading business users out over even greater geographical distances. All of this makes it much harder for security teams to manually keep track of sensitive data and spot the abnormal behaviour patterns that indicate malicious activity.
Fortunately, data analytics and anomaly detection is one area where technology really can make a difference. Advances in automation and Machine Learning mean organisations can now build platforms that take a huge amount of manual legwork off the security teams, enabling them to focus on more important areas of the analytics and investigation process. The cost of these technologies is coming down too. Where they were once the reserve of the largest enterprises, now businesses of all sizes can benefit from the time savings and insights they provide.
The road ahead looks just as familiar
Within the cybersecurity industry, many vendors are touting Quantum Computing as the next big game-changer, claiming criminals will be able to crack encryption keys and passwords much more easily with it. They’re also increasing the rate of attack automation and collaborating much more effectively (hacking-as-a-service) in sharing zero-day tools and username/password data, thereby significantly reducing the reliance on social engineering techniques.
Richard Cassidy, Senior Director Security Strategy EMEA, Exabeam
While this may be true, there’s still no need to panic. Even if criminals manage to gain access to networks without the use of social engineering, there are already technologies available such as user entity behaviour analytics (UEBA), which can counteract this. UEBA works by benchmarking legitimate users’ behaviour over a period of time and establishing the parameters of ‘normal activity’ based on key criteria such as geographical location, login times and files accessed.
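A minimal sketch of this kind of benchmarking, added here as an illustration and not taken from the article or from any vendor's product: it builds a per-user baseline from constructed login events and reports which of the three criteria (location, login time, files accessed) a new event breaks. The event fields, thresholds and function names are assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed history: (user, timestamp, country, resource). All values are
# made up for illustration; timestamps are assumed to share one time zone.
HOURS = [9, 8, 9, 10, 9, 17, 9, 8, 14, 9, 10, 9]
HISTORY = [("alice", f"2024-03-{day:02d}T{hour:02d}:15:00", "GB", "finance/reports")
           for day, hour in zip(range(4, 16), HOURS)]


def build_baseline(events):
    """Count, per user, the countries, hours of day and resources seen."""
    baseline = defaultdict(lambda: {"country": Counter(), "hour": Counter(),
                                    "resource": Counter(), "n": 0})
    for user, ts, country, resource in events:
        profile = baseline[user]
        profile["country"][country] += 1
        profile["hour"][datetime.fromisoformat(ts).hour] += 1
        profile["resource"][resource] += 1
        profile["n"] += 1
    return baseline


def deviations(baseline, event, min_history=5, hour_window=1):
    """Return the baseline criteria that a new event breaks (empty = normal)."""
    user, ts, country, resource = event
    profile = baseline.get(user)
    if profile is None or profile["n"] < min_history:
        return ["insufficient_history"]  # too little data to call anything normal
    reasons = []
    if profile["country"][country] == 0:
        reasons.append("new_country")
    hour = datetime.fromisoformat(ts).hour
    # Tolerate +/- hour_window around previously seen login hours, wrapping at midnight.
    nearby = sum(profile["hour"][(hour + d) % 24]
                 for d in range(-hour_window, hour_window + 1))
    if nearby == 0:
        reasons.append("unusual_hour")
    if profile["resource"][resource] == 0:
        reasons.append("new_resource")
    return reasons


if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    for event in [("alice", "2024-03-18T09:40:00", "GB", "finance/reports"),
                  ("alice", "2024-03-16T02:05:00", "CN", "finance/reports")]:
        print(event, "->", deviations(baseline, event) or "normal")
```

Returning the list of broken criteria, rather than a bare yes/no, gives the analyst the reason for the alert alongside the alert itself.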
If any user’s behaviour deviates too far from known normal benchmarks, such as logging in from China at 2am when they usually log in from London during normal working hours, this behaviour is automatically flagged as suspicious