This week Verizon issued the findings of its annual Data Breach Investigations Report (DBIR). To no surprise, after analyzing 10 years of data researchers shared: “we realize most organizations cannot keep up with cybercrime — and the bad guys are winning. But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically.” We at Triumfant couldn’t agree more.
Triumfant’s big data and patented analytics approach to breach detection is rooted in its ability to continuously scan more than 500,000 granular state attributes on every machine. This scan is truly continuous – not weekly, monthly or quarterly. Triumfant collects and maintains the most comprehensive repository of state data available, providing organizations a clear, complete, and current view of the endpoint population. Triumfant can then detect and evaluate alterations to the machine to identify changes that are anomalous in the context of the population. The raw state data is translated into real, actionable information about the configuration and health of every machine. As a result, organizations can identify machines that are open to exploit because of newly identified vulnerabilities or machines that are non-compliant to configuration and regulatory policies. Triumfant can also pinpoint missing patches on a given machine where infiltration can occur.
The 2014 Verizon DBIR identified nine basic threat patterns that make up 92% of security incidents. Out of the 1,367 confirmed data breaches analyzed, the cyber espionage pattern accounted for 22% of the attackers recorded by Verizon and its partners, while point-of-sale (POS) intrusions made up 14% of the breaches in this year’s report.Still, Web app attacks were far and away the most common threat type, with 35% of all confirmed breaches linked to Web application security issues.
As the report suggests, no one is immune from a data breach and its taking longer to identify compromises within an organization — often weeks or months, while penetrating the organization can take only minutes or hours. Triumfant emphatically closes the breach detection gap with its rapid detection and response capabilities. Triumfant detects breaches in real-time at the point of infiltration, generates a comprehensive and actionable analysis within minutes of the attack, and builds a situational remediation that stops the breach and repairs all of the primary and collateral damage to the machine within five minutes.
The 2014 Verizon DBIR once again underscores the importance of deploying a more focused and effective way to fight cyber threats. You will be breached, you are not prepared, and the adversary is taking advantage. A new approach is needed — the endpoint is your last line of defense.