Trident Blog

Cyber Security Update

Nathan Wood - Thursday, May 30, 2019

The Bad News:
More and more information continues to circulate regarding fresh cases of schools and businesses being heavily impacted by cyber security incidents. In the last month alone we have heard (or been directly involved through remediation) of four clients crippled by ransomware causing extreme disruption and financial costs to either pay the ransom or restore services.

“the sheer scale and rising likelihood of major cyber-attacks made them the most pressing threat a country like Australia faces.”
A warning from Alastair MacGibbon, who has held the twin roles of national cyber security adviser and head of the Australian Cyber Security Centre since 2017.

The Good News:
The traditional protective elements of a full security platform such as firewall,
endpoint AV, cloud security, etc are all still relevant within a multi-layer, multi-vendor approach to network security protection.

However, new technology solutions focusing on preventative cyber security strategies are being used to bolster a school’s holistic approach to data and network security. Three such preventative solutions covering different aspects of the threat continuum are Deep-learning Endpoint protection, User and Entity Behaviour Analytics (UEBA) and Security Awareness Training.

Deep-learning endpoint security with SOPHOS Intercept-X

SOPHOS Intercept-X runs as a standalone agent, alongside your existing antivirus or combined with Sophos Endpoint Protection. Intercept X gives you next-generation anti-exploit, deep learning malware detection, anti-ransomware, root cause analysis, and advanced system clean technology. By combining cutting-edge technologies, such as deep learning and endpoint detection and response, Intercept X delivers unmatched protection against unknown malware, exploits, and ransomware.

SOPHOS Intercept-X uses a deep learning neural network that works like the human brain to make the solution smarter, more scaleable and lighter on systems to stop the widest range of endpoint threats.

For more information on the SOPHOS Intercept-X solution solution contact your Trident Account Manager for a free trial.

UEBA – User and Entity Behaviour Analytics

User and entity behaviour analytics, or UEBA, is a type of cyber security process that takes note of the normal conduct of users. In turn, they detect any anomalous behaviour or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert the IT Security team immediately. UEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in a potential, real threat. UEBA can also aggregate the data you have in your reports and logs, as well as analyse file, flow, and packet information. In UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.

Talk to your Trident Account Manager about our UEBA solution available via the Security Operations Centre powered by Neptune Cyber Security. More information about the Trident SOC is available via this link.

Security Awareness Training

95% of all security breaches are due to human error, whether that be through weak passwords, phishing attacks or other credential harvesting methods, workforce awareness should be a key component of your overall security strategy. The latest report from the Office of the Australian Information Commissioner highlighting the insights from 12-months of Notifiable Data Breaches shows that since the legislation started 964 eligible data breaches have been recorded. Health and Education were ranked 1st and 4th respectively in number of breaches associated with industry sector with a large number of the breaches based on the use of email phishing to compromise user's credentials. 

With email being the #1 attack vector and the internet being #2 the best way to reduce your risk footprint is to ensure that your staff are getting the appropriate training around Cyber Security Awareness. As you know with the continual digitisation of the workplace, you and your staff are spending a lot of time using these tools in your day to day activities.

Mimecast Awareness Training is an easy and less confronting method of keeping staff aware of cyber threats so that they can play an active part in the organisations security strategy. Informative videos are released to your users on a regular scheduled basis to watch and then answer some simple quiz questions. Back-end analytics allow you to understand areas of strength and weakness across your users so that you team can proactively engage users and up-skill where needed.

For more information on the Mimecast Awareness Training solution, check out the short video below and contact your Trident Account Manager for more information.

The Trident Team


Share this article on:
Share on LinkdIn Share on Twitter



Trackback Link
Post has no trackbacks.

Recent Posts