Bob Lyons, CEO
There is no quiet period in the world of cybersecurity; rather, the rapid evolution of security issues and vulnerabilities is demanding that enterprises be more assertive and proactive. As technology advances, security breaches are increasing in both sophistication and frequency, often overwhelming security operations centre (SOC) staff. Nearly three out of four cybersecurity professionals do not feel enough time is spent searching for advanced persistent threats (APTs) in their SOC. Many businesses are realising that despite the best-laid cybersecurity plans and strategies they set in motion for 2019, they are still struggling with the cybersecurity fundamentals. Aspects like culture, lack of resources, and a defensive mindset can still hinder an enterprise’s ability to secure its IT networks. As a result, more organisations are moving away from traditional reactive security and incorporating threat-hunting techniques into their cybersecurity strategy. Amid mounting frustration with applying the same strategies and tactics, businesses collectively realise that the time is ripe for a new cybersecurity playbook that embraces new strategies and, at the same time, doubles down on the cybersecurity basics.
One such maven writing the new cybersecurity playbook is Alert Logic, a computer and network security company from Houston, Texas. Alert Logic seamlessly connects an award-winning security platform, cutting-edge threat intelligence, and expert defenders to provide the best security and peace of mind for businesses 24/7, regardless of their size or technology environment. “The continued lack of skilled cybersecurity professionals affects organisations of all sizes, and small and midsize businesses are at a greater disadvantage because they can’t scale as large organisations can,” says Bob Lyons, CEO of Alert Logic. “These organisations will greatly benefit from partnering with providers who can augment their limited teams with threat intelligence and experts to be more secure and compliant.”
Alert Logic deploys its SIEMless Threat Management solution at a lower total cost than point solutions, SIEM tools, or traditional security outsourcing vendors. The principal goal of threat intelligence within Alert Logic is to identify the new activities of attackers so that coverage can be built. The required data are acquired externally (from the public internet) or internally (from internal log or network data). Sourcing information solely from external sources (Common Vulnerabilities and Exposures entries, for example) gives no assurance that attackers are actively using those methods. By pivoting on internally sourced network data, Alert Logic’s experts can concentrate on the current, live activities of attackers, providing the maximum value and protection for customers right now. To support this ability in its Network IDS, Alert Logic releases specialised signatures called “telemetry signatures.” The appearance patterns of these signatures and their payload data are processed under an intelligence-driven batch analytics framework to find the attacking “needles in the network haystack.” The coverage released by the team is therefore closely tied to current and evolving attacker behaviour, allowing clients to walk in the attacker’s shadow.
Additionally, Alert Logic’s Security Operations Centre (SOC) provides round-the-clock security monitoring by GIAC-certified security analysts using state-of-the-art technology. When a threat is detected, the company prioritises it and proactively escalates it to clients within 15 minutes, along with visual context and remediation advice. At present, the company is focusing on increasing its threat detection capabilities to help its clients detect threats more proactively and safeguard their business processes.