Excerpts from Modern Bank Heists – Data Gathering


Carbon Black recently published a report on how to gather data to improve the security posture of your enterprise. For more information about how Cb Defense, Carbon Black’s NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo, every Wednesday at 2PM EST, 11AM PST.


Modern Bank Heists

Cyberattacks & Lateral Movements in the Financial Sector

Data Gathering

Given these trends, modernizing defense in depth is imperative to preserve a high-functioning cybersecurity posture. The technological dependence of financial institutions on internet-based platforms has dramatically increased the industry’s exposure to reputational, market and operational risks. The major gaps for many of these institutions revolve around visibility and time to detection. This is particularly troubling as it pertains to deterring an attacker’s ability to move laterally within an enterprise post-breach.

Financial institutions should aim to improve situational awareness and visibility into the more advanced attacker movements post-breach. This must be accompanied by a tactical paradigm shift from prevention to detection. The increasing attack surface, coupled with the utilization of advanced tactics, has allowed attackers to become invisible. Decreasing dwell time is the true return on investment for any cybersecurity program.

Data Required to Curb Attacker Lateral Movement

Financial institutions must have five sets of data specific to lateral movement in order to close the gap and reduce risk through rapid detection/response (this begins and ends on the endpoint):

  • High-fidelity telemetry to discern when adversaries are active in the network and on devices.
  • Lateral movement telemetry correlated with other sensors, such as egress monitoring.
  • A comprehensive near-real-time “sight picture” of attacker behavior specific to internal movement and external command and control channels.
  • Rapid acquisition and automated analysis of attacker tools (and indicators of compromise), which can be vetted and communicated to existing control mechanisms through integrated workflows for automated response and defense.
  • Predictive analytics to anticipate cybercriminals’ movements.

 

 


 

Listen to our security experts at Carbon Black and Network Security Engineer Christopher St. Amand at PeoplesBank during a recent webinar where we discussed the benefits of cloud-based security platforms and how they apply to your specific needs.



Thanks for joining us as we explored “Modern Bank Heists,” our report on the changing landscape of cybercrime in the financial sector and how to arm your institution against a breach. You can click here to get a copy of the full report. Join us next week as we continue to profile this report.

The post Excerpts from Modern Bank Heists – Data Gathering appeared first on Carbon Black.

About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.
