Back To The Blog

Intrusion Detection Systems: What You Don’t Know Will Hurt You

Uncategorized / July 20 , 2015

A Q&A with Joseph Loomis of CyberSponse
The fact is, most companies that have suffered a breach failed to detect the intrusion as it was occurring, and only made aware after the damage was done. A Intrusion Detection System (IDS) with organized and correlated data can be an invaluable solution for incident response—but only if the system is installed and managed correctly. I spoke with Joseph Loomis of CyberSponse about some of the issues around IDS and how companies can use them more effectively.

Can you sum up the challenge companies have with their IDS data?
IDS are still a weak spot for many companies. The challenges are manifold, and come from many areas:

    • Lack of IDS systems
    • Costs of IDS systems
    • Improperly configured systems
    • Lack of personnel who know what they are looking for within the alert data
    • Lack of mature response to such alerts (and often times there are more alerts than not)

How can a company better automate and act on actionable intelligence?
This is precisely why we built CyberSponse. It’s a single platform that allows customers to search data, index data and also incorporate threat intelligence, alerts and incident response plans—all on one platform.

Why should senior leadership and risk managers care about this issue?
You hear this often in our field: It’s not if, it’s when. The target area is growing rapidly and the methods of intrusion are, too. Ultimately, detection, response and remediation are the only ways an organization can effectively limit a compromise within its system(s). Given the speed and ever-changing nature of the threat, it’s time leadership and risk managers consider ways to implement faster detection and response while minimizing damage. With expensive claims also on the rise, I’m sure we will see insurance carriers adopting this approach as well. It’s really only a matter of time.

In Summary….
Thanks to Mr. Loomis for his insights into IDS and correlation/management of incident data. The fact is, most organizations—large and small—that have suffered data breach events failed to detect the breach on their own. Such an oversight is bad for a number of reasons: It degrades the organization’s reputation with its own clients who are often informed of an event months later. It provides ammunition to state attorney generals and class-action plaintiff lawyers who want to prove that data breach victims were harmed by this negligence. It can set up the organization for greater financial loss through legal and

Tags

Related Blog Posts

10 Cybersecurity Tools Every Small-Medium Business Should Have in Their Arsenal

What You Need to Protect Your Data

SMBs have unique cybersecurity risks that should be managed with appropriate tools. Here are the top tools and some mistakes to avoid when implementing them.

Continue Reading

8 Things Every Business Should Know About Cybersecurity

Top Tools and Tips for Cyber Risk Management

Cyber risk is always evolving but every business needs to understand the fundamental threats they face as well as the key tools for risk assessment and mitigation that can help them improve their cybersecurity posture.

Continue Reading

From Afghanistan to Ransomware

A Q&A with Melissa Ventrone of Clark HIll

As an attorney in the cybersecurity and privacy space, Melissa Ventrone draws on her military background to keep clients calm, manage complex logistics, and help them mount a successful incident response.

Continue Reading
Visit Our Blog

Download 2023 Cyber Claims Study

The annual NetDiligence® Cyber Claims Study uses actual cyber insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective.

Download
Solutions
About
Contact

P.O. Box 204
Gladwyne, PA 19035
610.896.9715

© 2024 NetDiligence All Rights Reserved.