Threats from cyber criminals are more sophisticated than ever and as they become faster and smarter, stronger solutions are required for organisations of all sizes in both the public and private sectors
The enemy has killer instincts
Cyber crime is highly organised and funded. Once criminals realised that the internet could be used to steal money, either through scams or directly through financial companies’ websites, there was no stopping the growing number of attacks.
Even with organisations reportedly spending $71.1 billion on information security in 2015, they can’t keep up with threats changing at a rapid pace. As security software is upgraded, fraudsters work on new ways to exploit weaknesses in an organisation’s defences. For IT teams, it’s a brutal match-up and for chief executives it’s a genuine threat to business.
In a recent survey of registrants for Black Hat USA 2015, 73 per cent of security professionals think it is likely their organisations will have to deal with a major data breach in the year ahead.
Helping security teams roll with the punches
Hexis Cyber Solutions is a business which leverages years of cyber security expertise to help organisations combat threats infecting their systems. The company’s flagship product is HawkEye G, an integrated approach to threat detection, verification and response by leveraging flexible, policy-based responses to mitigate threats before compromise.
The solution leverages end-point and network sensors, as well as third-party integrations such as FireEye and Palo Alto Networks, to detect threats and attacks against a system. From there, the product includes proprietary technology called ThreatSync™ to verify threats against sources including, but not limited to, threat feeds, MD5 files and host heuristics, and sensor data. This results in decreasing the number of ghost alerts and false positives. Through policies, HawkEye G offers automatic or machine-guided remediation tactics including kill process, file quarantine and more.
“The state of play is moving so fast, it’s difficult to use hyperbole,” says Kane Hardy, Hexis vice president, Europe, Middle East and Africa, explaining the current cyber-crime environment. “In the United States, we see the number of organisations breached increase on a seemingly weekly basis. It is happening in the government as well other industries, including seemingly benign entities that historically would not expect to be targeted. It’s true that no one is really safe from the threat of a breach these days.
Hexis is an established, global business comprised of a team of highly skilled and experienced cyber-security specialists
“We would be foolish to say it’s not happening in the UK too. Financial services organisations are seeing growing numbers of attacks and, in some cases, full-fledged breaches. It could be denial of service attacks, preventing access to business services or it might be a breach where data is actually compromised.”
According to Mr Hardy, part of the problem is that organisations fail to keep up with threats that are changing all the time. Often, he says, Hexis is called in to help companies in the midst of an attack even though the targeted company thought they were covered by their existing security systems.
“The threat is progressing at such a rate that old solutions simply don’t work. Organisations are deploying the same technologies that were around 20 years ago, while threats are often automated and designed to change instantly and on their own,” he says.
Heavyweights deploy continuous detection and response
Hexis is an established, global business comprised of a team of highly skilled and experienced cyber-security specialists. The company recruits people with extensive experience in actively defending commercial and government organisations.
“What makes our company unique is that we solve three key problems that security professionals have communicated to us which include lack of complete enterprise visibility, false positives and lack of security professionals. We feel we’re ahead of the game and able to offer organisations tangible return on investment and risk-management value today, something that’s really quite scarce with cyber-security technology,” says Mr Hardy.
“HawkEye G is unique as a total solution that protects both the network and the end-point, as well as integrating with third-party technologies for greater threat intelligence. Everyone will be going in this direction in the next couple of years. But Hexis has something that is truly next generational today.”
For IT teams it’s a no-brainer. Chief executives and finance directors are on board too, says Mr Hardy. For non-techies, cyber security can be a reluctant investment and, if the product works, there is little sign of a tangible benefit. Like insurance, it’s only when security slips that the need becomes clear.
The alternative is a high-level risk to business that is ever-present. This risk threatens business reputation, makes sensitive data leaks possible and can severely damage profitability. Mr Hardy points to the example of the US department store Target, which experts suggest has lost a nine-figure monetary amount due to compromised data.
“It came through a straightforward advanced cyber attack,” he says. “It was discovered by tools that are great at discovering attacks, but there were no tools in place to defend and take action against that threat. That’s why the business suffered.”
Mr Hardy concludes that Hexis will continue to invest in its product portfolio, including HawkEye G, and will address new threats as they emerge. His advice to organisations planning to avoid what has happened to global corporations is to implement a strategy that incorporates an integrated and active defence – and not one that simply identifies threats.
Protection Group International (PGI) is an intelligence-led risk management provider that brings together unique capabilities in the vast field of information security for the commercial, institutional and government sectors.
The in-house security team at PGI faced the same problem that many companies in the UK and around the world are up against – how can we optimise the team we have to be more efficient, yet still improve the security of our systems?
With the shortage of cyber-security professionals only expected to grow over the next five years, PGI decided to take a look at Hexis Cyber Solutions’ flagship product HawkEye G.
“HawkEye G enables us to leverage the skilled staff we already have in an even more effective way,” explains Brian Lord, PGI managing director. “With the HawkEye G solution, we can be sure that our internal IT infrastructure is even more secure with a 24/7 active cyber-defence posture, without worrying about adding yet more, nearly impossible to find resources. So my defence is improved without the commensurate of delivering it.”
Get the full case study and more at go2.HexisCyber.com/FightingFraud or e-mail firstname.lastname@example.org