How new innovations from CyberGuard360 take network protection to a new level
Hackers rarely strike while you’re looking. They are clever opportunists, often biding their time until they know exactly when a business will be least ready for an attack.
And unfortunately, it’s not a matter of if they will target a business – but when. There were 918 data breaches that compromised 1.9 billion data records in the first half of 2017 alone, according to a CNBC report. That’s a whopping 164 percent increase over the same period the previous year.
No business is too small or obscure to escape notice; 61 percent of small businesses experienced a cyber-attack in 2017, states the Ponemon Institute’s 2017 State of Cybersecurity in Small & Medium-Sized Businesses report.
Cyber-attacks that infiltrate an organization’s LAN can expose sensitive customer and company data to hackers and lead to business interruptions that cost millions. Ponemon reports that small and medium-sized businesses lost an average of $2.2 million to cybercrime in 2017, and that number surpassed a staggering $21.22 million per crime for larger U.S. companies.
Companies are scrambling to proactively find ways they can aggressively monitor and detect suspicious activity on their local-area networks (LANs) that might be the earliest signs of a cyber-attack. A LAN is comprised of a group of computers and associated devices that share a common communications line or wireless link to a server, typically in a distinct geographic area like an office or commercial establishment.
The ability to not only spot attacks – but stop them
Leading cybersecurity provider CyberGuard360 takes LAN vigilance to a new level with the launch of its proprietary Advanced Cyber Event (ACE) appliance. ACE stands out from other products on the market as the first customizable, on-network, agentless Network-Level Monitoring (NLM) appliance. It’s designed to detect threats and unusual behavior that endpoint security and other purpose-built devices and applications can’t catch – and then works in concert with CyberGuard360’s CyberGlass product to shut them down.
ACE goes beyond typical NLM with the intelligence to analyze changes in a company’s network and setup over time – and stop problems in their tracks.
It creates an audit trail of network changes and alerts CyberGlass when the changes are determined to be abnormal, triggering CyberGlassAI (Artificial Intelligence) to remediate attacks in real-time. It drastically reduces false positives by enabling companies to customize thresholds and “learn” normal behavior for the business.
By working with other components of CyberGlass that continuously collect company data, it can determine, for instance, if a spike in traffic at 3 a.m. is actually a cyber-attack or an employee who is awake and doing work. CyberGlass then responds accordingly, throwing off a simple notification about unusual activity or an alert that instigates action.
The ACE appliance also continually scans network resources for an organization’s most sensitive data – identifying where it exists and whether it is exposed on unprotected resources. Segmenting this data allows a business to monitor it across different networks, machines, and endpoint devices – significantly reducing its vulnerability to attacks.
The ACE up a company’s sleeve
Here are three major ways ACE strengthens a company’s LAN security footprint against cybercrime:
- Monitors and learns typical user behavior. ACE goes above-and-beyond other NLM tools with the ability to “learn” what constitutes normal behavior on a network, creating a baseline of the typical ways a business operates each day. That includes what files are routinely accessed, who accesses them, and around what time of day. Any behaviors that deviate from these normal thresholds will trigger an alert. For instance, if ACE knows that the chief financial officer always logs out by 7 p.m., access from his endpoint in the middle of the night can cause an alert.
- Monitors for unusual/high network activity. ACE vigilantly scours a company’s network for unusual spikes in traffic, which often indicate the start of a cyber-attack. Many times, this means hackers may be snooping around the network and attempting to flood it with traffic to see how its infrastructure responds. ACE immediately alerts CyberGlass to these behaviors, as well as company engineers or cybersecurity partners, so they can react quickly.
- Protects sensitive data. ACE continuously scans the network to identify sensitive data, triggering alerts if it is moved or placed in an unsecured location. It considers a variety of factors to determine if data should be considered “sensitive,” such as whether it includes Social Security numbers or account numbers. Users can also proactively mark certain data as sensitive, prompting ACE to monitor it.
Network-Level Monitoring is critical for hardening a company’s attack surface against cybercrime. If potential dangers aren’t spotted in their earliest stages, administrators are only able to react to the potentially devastating aftermath – instead of taking proactive measures to prevent them. By combining the groundbreaking capabilities of its new ACE and CyberGlass products, CyberGuard360 gives companies peace of mind that they know the health status of every corner of their LAN – and will aggressively block threats.
If you’d like to learn more about the ACE, CyberGlass, and the platform’s full capabilities, call us at 844-315-9882 or use our contact form to set up a free consultation.