Cyber Security: The State of Play
Cyber criminals are looking for bigger and bigger profits, but targeting individuals will not deliver them. Targeting financial services and other large organisations institutions will.
Cyber security hit the headlines last year, after a series of deliberate and debilitating attacks exposed a number of high profile companies. Large retailers (Home Depot, Michaels, Neiman Marcus, Ebay), banks (JP Morgan Chase, Morgan Stanley) and large technology and media conglomerates (Yahoo, Sony Pictures) all had their security seriously breached by hackers.
The UK Government views cyber attacks as a Tier 1 threat to national security, on a par with terrorism. To combat this, the UK introduced a National Cyber Crime Unit inside the National Crime Agency and a Cyber Information Sharing Partnership to enhance the exchange of information about cyber threats. In 2013 the European Commission published a cyber security strategy to achieve cyber resilience1. As part of this, a draft Network and Information Security (NIS) Directive has been published.
In the US, cyber security falls under the directive of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. After the recent attacs on the US government and the Sony hack, a new organisation – the Cyber Threat Intelligence Integration Center – was created and will report to the office of the Director of National Intelligence and is modelled on the National Counterterrorism Center. In 2015, Obama organised a cyber security summit at Stanford University that was attended by over 1,000 people, including Apple CEO Tim Cook and top cyber security officials from Google, Facebook and Yahoo. During the summit, Obama pushed for tough new legislation that will allow companies to share information with government agencies, including the NSA.
In the UK, the NIS legislation would require all companies to report attacks on and breaches of their networks to local authorities, which would be obliged to make them public. As a consequence, we can expect companies to become more vigilant when it comes to the storage and use of customer data. We will see corporate investment into regulatory teams made up of IT, security and legal experts. These initiatives, aimed at driving collaboration among law enforcement teams and intelligence entities, highlight how seriously cyber threats are taken, and rightly so.
“Targeting individuals will not deliver big profits for cyber criminals. Targeting financial services organisations will. ”
Despite these efforts, the severity and frequency of cyber attacks is on the rise. In 2014, it appeared no one was safe – websites large and small were targeted by Russian gang CyberVor, who stole 1.2 billion passwords, usernames and over 500 million email addresses. Shortly before this, two vulnerabilities were exposed in widely used open source protocols, shaking the internet – ‘Shellshock’ and ‘Heartbleed’, the latter of which affeted 17% of all websites worldwide. Either one of these vulnerabilities in isolation would have previously been big news, but combined, they expose a level of vulnerability we have not seen before.
A further concern is that cyber attacks are no longer just the preserve of criminals. Terrorist, political and social activist groups are now using cyber attacks to publicise their messages. Ahead of the premiere of The Interview (comedy film about a plot to assassinate North Korean leader Kim Jong- un), swathes of confidential data belonging to employees of Sony Pictures Entertainment were released. The hackers were the ‘Guardians of Peace’, who wanted the film cancelled. Another recent high profile hack was the US Central Command’s Twitter account, where messages applauding terror group ISIS were posted.
Cyber security is already a top concern for IT leaders, but it is clear that attacks are on the rise in frequency and size, so it must soon become a top concern for individuals, corporations, law enforcement agencies and governments. Significant preparation is required to prevent severe breaches in data protection and confidentiality. In the face of such threats and the amount of preparation required, it is frightening that many companies still consider cyber security to be an issue for IT. Companies thinking in this way are failing to identify and mitigate some of the key risks – those that arise from our own human actions and behaviours. This failure is all too common and leaves many vulnerable to significant reputational, financial and maybe even physical damage.
People are a company’s biggest asset, but also its biggest risk. Adequate protection against cyber crime means a company must correctly manage more than just its technology infrastructure. They must correctly manage the involvement of third parties and the vigilance of its employees.
In this paper, we will discuss recent cyber threats, the available technology platforms and security systems, the people-related risks and most importantly, what you can do to mitigate the risk of cyber attacks to your organisation.
“People are a company’s biggest asset, but also its biggest risk.”
Attacks do not just happen on PCs anymore.
Companies are regularly being attacked through mobile devices. Many of us have a computer, a tablet and a mobile phone – and we use our personal devices for work, further amplifying the risk to the organisations we work for.
Criminals often find their way into a compan’s network via a third party with access. This means that managing threats to their own networks and the devices of employees is simply not enough anymore. Companies must also manage threats to any third party they engage.
The type of cyber threat is changing very quickly. Most experts are calling for more investment in intelligent security. The recent focus on deterring cyber criminals has pushed them towards the ‘darknet’, making them much more difficult to detect2. A couple of years ago, firewalls and anti- virus software were the only security measures most companies had in place. Today, these form only the basis of a much more complex security offering that every company should adopt now, before they fall victim to a debilitating attack.
The weakest security link inside any corporation is their employees. While introducing new technology and ways of working has huge benefits, it does give cyber criminals additional ways to gain access to profitable, confidential information.
A third of organisations now allow employees to connect their smartphones to corporate resources. The increased flexibility enabled by BYOD (Bring Your Own Device) policies has led to increased job satisfaction and productivity – employees using their own devices are gaining a global average of 37 minutes of productive time back per week. Companies are also seeing reductions in hardware spend – BYOD implementation is generating $350 in value a year per mobile employee3 and it is predicted that by 2017, half of employers will require employees to supply their own device4. As more and more company information is accessed on personal devices, security and information managers will have less and less control, accelerating the risk level. The biggest of these risks is cyber criminals infiltrating corporate networks via personal devices. To further complicate this risk, if a personal device is lost or stolen, companies cannot wipe the data from it.
A survey conducted in the US highlighted that 15% of employees believe they have “none to minimal” responsibility to protect corporate data. All respondents worked at large multinational corporations and had received recent security training. Most frightening for organisations is that this lack of responsibility is echoed by those at the management and executive level. Samsung research has shown that less than 10% of Chief Technology Officers in British businesses believe that improving mobile security is more important than facilitating flexible working and improving software5. This is particularly surprising as approximately half of all companies in the UK have had a handset stolen during the last year.
This perceived lack of responsibility will mean that, as employees, we will engage in risky behaviour on our mobile devices. Many respondents admitted to accessing sensitive data on their personal device while on an unsecured public network6. They were also more likely to use a personal device to use unsecure payment methods, download apps from untrusted sources, and rely on cloud-based storage (e.g. Dropbox or iCloud) to store sensitive documents7. As a consequence, mobile malware infections increased by 17% in the first half of 2014, growing at double the rate of 20138.
“Less than 10% of CTOs believe that improving mobile security is more important than facilitating flexible working and improving software.”
It is not enough to protect your own corporate network, organisations must act to protect the networks of the third parties they engage. Outsourced work saves time and reduces overheads, but allowing third parties access to systems and data does pose real security threats. Consider what happened to retail giant Target, who in 2013 revealed that 40 million credit and debit card accounts had been compromised.
Despite having a secure internal network, Target allowed a third party access to its network – a HVAC company who maintained several of Target’s shops. This access was not secure and the networks not properly segregated. Hackers exploited this weakness, broke into the third party network and stole login credentials. These credentials enabled the hackers to access Target’s internal network and their customers’ card details, turning their customers into victims and instantly destroying their reputation. Sales plummeted.
Companies that share valuable and sensitive information with third parties must be aware of the consequences of losing control of this information. The risks reach beyond distributors and suppliers, but also to lawyers, accountants and other professional service organisations engaged.
It is easier to fool people into giving you the key than it is to break down the door. The last few years have seen an increase in ‘ransomware’, social engineering/phishing and banking malware. These targeted attacks have been extremely successful in extracting information from unsuspecting victims.
|Malware||What is it?||What’s been affected?|
|Ransomware||A type of malware designed to render a computer or a mobile device unusable until the user pays a ransom to the attacker. It often shows up as an officia looking warning from a law enforcement agency.||The threat from ransomware expanded rapidly in 2014, adding to existing ‘extortion malware’. It also spread to mobile platforms such as Android 9. Ransomware targets individuals as well as corporations. In 2014, the TV station ABC went offline for minutes after a ransomware attack.|
|Banking trojans||Banking trojans are increasingly being used to launch cyber attacks on organisations because of the proliferation of such malware on PCs worldwide.||Approximately one in 500 PCs around the world is infected by banking malware and it is increasingly used to target organisations. Interpol and Kaspersky observed a 14-fold increase in attacks involving trojan banker malware in 2014 10.|
|Social engineering/ spearphishing||Social engineering exploits weaknesses in people rather than technology, preying upon the human propensity towards trust – in particular through email and social media. Social engineering involves tricking someone into breaching security protocol or giving away information. In recent years phishing scams – emails apparently from a reputable source, such as a bank – have been used extensively to steal personal information.||Phishing scams rose by 66% during some recent large-scale sporting events, like the World Cup and remain a popular method for cyber criminals to get past a company’s defences11|
Table 1: Types of malware
As our reliance on technology grows, more weaknesses in organisational data security will emerge that cyber criminals will waste no time in exploiting. It is critical for organisations to ensure they have secure technical platforms in place, but it is equally important to train staff to further minimise risk.
Here, we discuss the security of various operating systems, selected software packages and the organisational change required to prevent employees from creating cracks in your virtual armour.
Operating Systems & Mobile Strategy
The biggest data security risk for a company is employees using personal devices for professional activity. But a complete ban on BYOD will often not succeed. Some employees will inevitably find a way around such a ban by jail-breaking their devices to use services forbidden by IT.
The productivity and cost advantages enabled by BYOD are particularly attractive to small companies. Employees required to work away from the office and outside working hours will also find it easier to use their personal devices. However, if a company has the resources to purchase mobile phones for every employee, Choose Your Own Device (CYOD) does have attractive security benefits. Ideally, when operating under a BYOD strategy, defensive network architectures should be used. This means that access from personal devices should be brokered via a service mediation layer (e.g. Blue Coat) and protective monitoring solutions should be used to detect attacks from compromised devices 12.
Companies establishing a BYOD agreement with employees should13:
- ensure that end users are responsible for backing up personal data
- clarify lines of responsibility for device maintenance, support and costs
- require employees to remove apps at the request of the organisation
- disable access to the network if a blacklisted app is installed or if the device has been jail-broken
- specify the consequences for any violations to the policy
|Costs||Companies can realise cost savings by letting employees use their personal devices.||Companies will need to purchase mobile phones for employees.|
|Security||Difficult to control securiy on personal phones.||IT departments have more control over operating systems, additional security software and updates.|
|Convenience||By simply having access to corporate email and applications on their personal devices, employees are more connected and can access company information when and where they need it.||When you give employees a second device, they either have to carry around both (a hassle) or make the decision to only carry one — which will usually be the personal device outside of the workplace.|
Table 2: Bring Your Own Device (BYOD) vs. Choose Your Own Device (CYOD)
Companies should consider such controls when issuing a list of recommended devices based on the security level of operating systems, or when offering training on the security level of different systems that employees may already use. The most common operating systems are Blackberry, iPhone, Android and Windows.
|BlackBerry||BlackBerry is widely acknowledged by many experts to have one of the most secure mobile platforms. They introduced the cross-platform BlackBerry Enterprise Service 10 in 2013, a device management and security platform for corporate and personal- owned BlackBerry OS, BlackBerry 10, iOS and Android devices. Blackberry has recently acquired Secusmart, a leader in high-security voice and data encryption and anti-eavesdropping solutions for government, enterprise and telecommunication services. German Chancellor Angela Merkel ordered her voice- encrypted phone from Blackberry after it turned out that the NSA had tapped her previous mobile phone.|
|iOS||Apple has focussed almost exclusively on the consumer market and has only recently turned to the enterprise market. Apple has very strict guidelines for approving applications developed by third parties. This goes beyond user interface guidelines to application performance management, which includes security. The iOS application architecture natively provides its users good protection based on the fact that all applications are ‘sandboxed’ in a common memory environment. The downside of this architecture is that theoretically, you are only as strong as your weakest app. Security in iOS also extends to fingerprint technology. There are also no options for adding removable storage, which provides another layer of protection for users.|
|Android||The Google Android operating system is on its fourth commercial iteration and has recently seen some important security improvements, such as device encryption support. However, good Mobile Device Management APIs and a reliable control of the overall operating system versioning and application ecosystem are still absent. However, the system has been exposed to malware and data loss, and the platform fragmentation resulting from the rich OEM ecosystem has proved quite challenging for enterprise adoption. We recommend that if IT managers are considering adding Android to their set of flexible policies, they do so for only the least sensitive mobile roles.|
|Windows Phone||Adoption of the Windows Phone has been growing steadily and has reached double- digit market share in many countries. Enterprises who have adopted the Windows Phone 8 have done so because it allows business users to take advantage of the tight integration with Microsoft infrastructure, such as Active Directory, Exchange, SharePoint, and Lync. The operating system uses a security model similar to the Android platform, in that minimum privileges and isolation techniques are used to sandbox processes or, in Windows Phone terminology, to provide chambers that act as individual process spaces. The phone’s Secure Boot component is a unique feature. It cannot be turned off and protects against malware or other resident intrusion during the phone’s critical first few seconds of operation. The phone also refuses to run apps that are not signed by the Windows store.|
Table 3: Common operating systems
Enterprise mobility technologies are evolving fast, but most platforms are still a long way away from providing a secure environment that meets user expectations and integrates well with existing enterprise infrastructure and applications. According to surveys, any significant advance in this space could take anywhere between two and five years (Figure 1).
Firms with high security requirements should deploy carefully selected solutions that fit into the company’s existing architecture, but be flexible. Continue to keep an eye on the evolution of the enterprise mobility platform market and adopt a more holistic platform when one becomes available.
|Embryonic (< 2 years)||Emerging (2-5 years)||Early mainstream (5-10 years)||Mature mainstream (+10 years)|
|WLAN IPS||Virtual desktops Enterprise file sharing (EFSS) Mobile containers Mobile data protection Secure gateways||Mobile hardware based security Mobile platform health checks|
|Mobile texting protection||Content aware mobile Data backup tools Data disposal tools Mobility suites Mobile virtualisation Virtual private networks Voice protection Vulnerability management Protected browsers Trusted viewing||EMM/MDM security Mobile application development Mobile single sign- on Workspace aggragators|
|Malware protection||Remote mobile OS User authentication||Advanced threat defence|
Figure 1: Priority matrix for enterprise mobile security
Source: Gartner’s Hype Cycle for Enterprise Mobile Security 2014
The changing nature of cyber crime has called for more investment in intelligent security. In recent years there has been a shift from simply securing devices towards app and data security solutions, encompassing device and operating system protection. This is a gap in the market rapidly being filled by new players, and start-ups from the US and Israel are leading the way.
FireEye and Palo Alto Networks in the US have already become large listed companies. Other companies such as CloudLock, Ionic Security, Zscaler, Illumio, Shape Security, TrapX, and Tinfoil, have all sparked the interest of a number of venture capital funds. Israel is home to world-class established information security companies as well as innovative start-ups such as CyberArk, ThetaRay or GuardiCore.
New technologies emerging to combat new threats include sandboxing, a security mechanism for separating running programs often used to execute untested code or untrusted programs from unverified sources. Retrospective software tracks software after it passes the sandbox, to see whether anything suspicious has happened and also seeks out links in seemingly unconnected incidents.
Cloud-based security solutions are advantageous because they can incorporate the latest threat information immediately. Zscaler is one such example, which addresses the challenges of mobile data and app security for both employee-owned and corporate-issued devices. Employees forward their entire mobile traffic – browser and app – to Zscaler which analyses the inbound and outbound traffic in real time. This ensures that users are protected against advanced web browsing threats such as phishing or spyware, as well as malicious or rogue apps, or apps that may pose security or privacy risks to data on the device.
Another approach is to lay traps (or honeypots) to catch hackers. TrapX takes these active defence principles to a new level. It is a platform that automates hundreds of virtual honeypot sensors throughout a network. The platform scans the existing network and creates a shadow network of emulated systems, including servers, switches, databases, and applications, interleaved with the real assets. The trap allows for real-time uploads of fake data on the services ‘exposed’ to attackers. So confident in its own methods, TrapX have claimed that its system would have detected the Sony hack.
With the increasing sophistication of cyber crimes, defensive strategies need to keep pace. Antivirus software and firewalls, the security solutions offered by large, established, technology companies such as Symantec, Cisco, Trend Micro, Kapersky and McAfee, no longer offer fully comprehensive protection. They are however, a necessary basic shield every company should have and firewalls should not be sacrificed for the benefit of having a fast network connection16.
Any security savvy company must implement new technologies alongside traditional data protection methods to make it easier for employees to comply with a comprehensive preventative strategy.
Even with a solid operating system and sound security software in place, companies are still vulnerable to cyber attacks. The latest technology may protect core systems, but it cannot protect against the weakest link in the security chain – employees. Companies must invest in cyber security training17.
Ensuring employees understand the connection between technical measures, organisational policies and their own behaviour underpins an effective security policy. Standalone, existing IT security training is increasingly ineffective as it struggles to keep up with the ever-evolving nature of cyber crime. So how can organisations make it work?
Yell used comedy to make IT security training appealing for employees – they created a Star Wars themed awareness video that was a huge hit. Rose Tinted Security offers training that combines effective user engagement and comedy to create information security awareness programmes. Some companies are even giving away the latest mobile gadget to incentivise employees to attend security awareness sessions18.
The following steps are often considered best practice when it comes to cyber security training19:
- Producing a user security policy which covers the acceptable and secure use of the organisation’s systems
- Establishing a staff induction process which incorporates training on personal security responsibilities
- Maintaining user awareness of the threats through regular refresher training on the cyber risks to the organisation
- Supporting the formal assessment of information assurance skills
It is vital that responsibility for passing on these important messages comes from the very top of any organisation. The 2014 Boardroom Cyber Watch Survey found that 32.5% of boards receive no regular report on cyber security20. Target’s former CEO, Gregg Steinhafel, deprioritised cyber security, which eventually forced him to step down after the company was breached. Such an example serves as an extreme but important warning to others.
Organisations need information risk management regimes that establish a governance framework to enable and support risk management across the organisation, with a Chief Information Security OfficerCISO) leading the effort. Risk management teams must make sure the board remains engaged with cyber risks, making them a regular agenda item. Incident management procedures must be established and include disaster recovery capabilities. We would also encourage organisations to work with security professionals, regulators, government agencies and law enforcement to build up strong protection against cyber threats. Most importantly, if an incident does occur, organisations must report them to prevent repeat offenses.
Summary: Now is the Time to Act
The last few years have seen an explosion in cyber crime. An increased reliance on and diversification of technology has led to new channels that are being infiltrated by cyber criminals. Attacks have diversified and criminals have become more adept at fooling people through increasingly targeted methods.
This has provoked a pan-European response that aims to coordinate country initiatives and propagate an increase in European regulation to safeguard personal and sensitive information. The US is introducing thorough new legislations and has founded a new agency dedicated to fighting cyber crime.
Organisations must keep their fingers on the pulse when it comes to the latest technology trends to combat cyber attacks. But individuals at all levels of an organisation must be cyber security savvy to have the best chance of defending their organisation against attack. Even the best platform and most secure antivirus and encryption software become ineffective if people do not take measures to ensure adequate cyber security. Otherwise, cyber criminals will always find a way in.
Organisational change is key. The importance of IT security measures must be communicated and continually reinforced throughout an organisation. Risk management teams with a budget and a strong mandate from the top should be established for large organisations to have a fighting chance against cyber crime. Effective change management is clearly essential when implementing new software, networks or mobile devices, but a sustainable programme to change attitudes and behaviour throughout the organisation is imperative if an organisation is to keep cyber attacks at bay.
With the nature of cyber crime changing fast, now is the time for organisations to act.
1. European Commission 2013: Communication on a Cyber security Strategy of the European Union – An Open, Safe and Secure Cyberspace.
2. Trend Micro 2015: 2015 Predictions: The invisible becomes visible.
3. Cisco 2013: Comprehensive BYOD Implementation Increases Productivity, Decreases Costs.
4. Gartner 2013: Bring Your Own Device: The Facts and the Future.
5. Samsung 2014: Security Not Being Taken Seriously as Business Use of Mobile Devices Booms. http://www.samsung.com/uk/news/local/security-not-being-taken-seriously-as-business-use-of-mobile-devices-booms
6. Osterman Research 2014: Best Practices in E-Mail, Web and Social Media Security.
7. Norton 2012: Norton Cybercrime Report.
8. Alcatel-Lucent’s Kindsight Security Labs 2014: Malware Report.
9. F-Secure 2014: Threat Report H1.
10. Kaspersky Lab and INTERPOL 2014: Joint Report – Mobile Cyber Threats.
11. PA Consulting 2015: Reducing the threat of social engineering to cyber security.
12. Centre for the Protection of Infrastructure 2014: BYOD Guidance 2014: Enterprise Considerations.
13. Security for Business Innovation Council 2012: Realizing The Mobile Enterprise.
14. Gartner 2014: Hype Cycle for Enterprise Mobile Security.
15. Trend Micro 2012: Enterprise Readiness of Consumer Mobile Platforms.
16. Zdnet 2014: Enterprise network security takes backseat to speed: McAfee. http://www.zdnet.com/article/enterprise-network-security-takes-backseat-to-speed-mcafee/
17. Inc. 2014: What a security pro avoids online. http://www.inc.com/magazine/201312/lindsay-blakely/what-a-security-pro-avoids-online.html
18. The Guardian 2014: Risky business: why security awareness is crucial for employees. http://www.theguardian.com/media-network/media-network-blog/2013/feb/12/business-cyber-security-risks-employees
19. Centre for Protection of National infrastructure 2012: Reducing the Cyber Risk in 10 Critical Areas.
20. IT Governance 2014: Boardroom Cyber Watch 2014: Report.
Companies Active in the Cyber Security Space
|BAE Systems, UK||
Deviceprotect: A security enhanced customised operating system, which protects against a range of threats including malware, Android root exploits, privilege escalation attracts and the insider threat.
Mobileprotect: Protects users and the wider business, their devices, their data and their web applications from increasingly sophisticated security threats.
Classified Secure Mobility: Accredited to handle data at high protective marking levels for government use as well as commercial organisations seeking a high level of protection.
Prevents cyber-attacks on mobile devices:
Scans and detects corporate-issued or employee-owned Android and iOS mobile devices for malicious apps and activity
Blocks malicious mobile apps from running and alerts users and administrators of suspicious apps
Correlates activity across apps to detect malicious behaviour
Detects mobile security vulnerabilities and trends:
Tracks user registration, device compliance, and threat trends using a virtual dashboard Pre-analyses app store apps, providing threat scores and behavioural details for over 3 million apps Displays departmental and user mobile threat trends
|Palo Alto Networks, US||
GlobalProtect provides a comprehensive security solution for mobile devices built on the technologies of the Palo Alto Networks enterprise security platform and tailored to address mobile requirements. It delivers integration in a solution that combines technology, global intelligence and policy enforcement over mobile apps and threats.
This provides a safe environment for applications and data while permitting users to retain the native user experience of their preferred device.
|CloudLock, US||CloudLock provides a unified cloud security fabric that helps organisations protect their sensitive data in public cloud applications such as Google Apps, Salesforce, Dropbox, Box, ServiceNow, Third-party connected and other apps.|
|Ionic Security, US||Ionic encrypts each piece of data, putting an envelope around it that follows it wherever it goes. As cyber criminals increasingly target the suppliers or contractors of major companies as a way into their computer systems, Ionic aims to give the control over the data back the original owner.|
|Illumio, US||Illumio launched a platform focused on protecting data centres from the risk of cyber-attacks. Its Adaptive Security Platform examines the context of workloads to continuously compute and adapt security in real time with policies written in natural language terms. This means security teams do not need to rewrite security policies when applications scale up or down, migrate, or change.|
|Shape Security, US||The company claims to be the first to create technology that allows the code behind web pages to constantly change, evading hackers by never looking the same twice. This ‘real-time polymorphism’ aims to break botnets by making cyber criminals unable to automate attacks.|
|TrapX, US||TrapX can detect and analyse Zero-Day and undetected malware used by Advanced Persistent Threat (APT) organisations, build threat profiles, block attacs, and automatically remediate damage inflicted on IT ecosystems. DeceptionGrid captures Zero-Day events in its virtualised sensor network and next-generation malware traps before the malware can inflict significant damage to customers’ data centres or cloud deployments.|
|Mykonos||Web Intrusion Deception System uses deception to detect, track, profile and prevent hackers in real-time. Unlike legacy signature-based approaches, Mykonos inserts thousands of detection points to proactively identify attackers before they do damage. Mykonos goes beyond the IP address to track the individual attacker, profile their behaviour and deploy counter measures. With the Mykonos Security Appliance, administrators do not have to write rules, analyse large log files or monitor another console.|
|Tinfoil, US||Tinfoil monitors and checks for vulnerabilities using a scanner that is constantly updated. Using the same techniques as malicious hackers, they systematically test all the access points, instantly notifying the customer when there is a threat and giving them step-by-step instructions, tailored to their software stack, to eliminate it.|
|Cylance, US||The company claims to be the first maths-based threat detection and prevention company that uses artificial intelligence to discover threats. Using its ‘infiniy platform’ to protect devices from threats even if it has never seen the attack before.|
|CyberArk, Israel||CyberArk is an information security company focused on privileged account security. Products include password protection, session managers, threat analytics and identity managers.|
|GuardiCore, Israel||GuardiCore provides security in depth for software-defined data centers, detecting and mitigating Advanced Persistent Threats (APTs), malware propagation and insider attacks. Based on Software-Defined Networking (SDN) techniques, GuardiCore’s approach to network security scales to multi-Terabit, intra-data center (East-West) traffic rates, breaking the attaer’s “kill chain” at an early stage.|
|LightCyber, Israel||LightCyber makes a data security system that it says enables companies to detect cyber penetrations early on. Once deployed the technology creates a profile for users and devices in the company’s systems. The profile is based on data gathered from the network, devices, and users and detects anomalies based on a benchmark it creates.|
|Seculert, Israel||The Seculert cloud-based security platform fills the gap left by legay perimeter defense and Breach Detection Systems. It protects distributed enterprises from advanced threats by focusing on the malicious outbound network traffic that goes undetected by legacy prevention solutions.|
|ThetaRay, Israel||ThetaRay is a provider of a big data analytics platform and solutions for advanced cyber security, operational efficieny, and risk detection, protecting financial services sectors and critical infrastructure against unknown threats. ThetaRay’s core technology is based on state of the art algorithms, which power its proprietary Hyper-Dimensional, Multi-Domain Big Data Analytics platform. The company specialises in servicing the financial services industry.|