Do UEBA tools represent the latest cybersecurity savior?

With an eye on bolstering its cybersecurity product offerings in a growing security market, San-Francisco-based Bay Dynamics recently raised US$23 million this month in funding.

The risk analytics startup offers a “risk fabric” security framework that aims to automate the process of detecting, analyzing and remediating cybersecurity threats.

According to Bay Dynamics CTO Ryan Stolte, a key component of the company’s current focus is on user and entity behaviour analytics (UEBA) solutions, a technology research firm Gartner recently touted as a security product to watch in 2016.

UEBA enables broad-scope security analytics — the security approach revolves around data analytics, integration and visualization to both detect bad actors and enhance alert quality. Gartner predicts the UEBA market revenue to rise to approximately US$200 million by the end of 2017, up from less than $50 million at present.

Indeed, vendors including Cisco, Intel, Dell, and IBM have been looking to improve their security offerings to cope with ever-increasing global cybersecurity threats. Solution providers in this market, including those in the cloud access security brokers (CASB) space, currently leverage UEBA functionality to ensure security and visibility into enterprise use of SaaS applications.

“Information security teams and infrastructure must adapt to support emerging digital business requirements, and simultaneously deal with the increasingly advanced threat environment,” said Gartner vice president Neil MacDonald.

Tools such as UEBA shouldn’t be seen as a cure-all but rather a key to resolving the issue of security threats within the enterprise perimeter by determining legitimate activities versus potential threats across the enterprise, Stolte told IT World Canada. It takes into account that human error often accounts to successful malware attacks, including employees who typically have the technology and identity credentials to access sensitive internal information.

For example, UEBA can detect unusual user activity — such an employee repeatedly transmitting internal information to an outside party — by reviewing user applications and endpoint assets to determine legitimate versus potentially malicious user behaviour.

The big idea is to bring data together from all of the different silos of security data that businesses have out there, including endpoint protection tools, asset management systems, said Stolte. From there, it’s about combining raw information and log data from traditional firewalls and perimeter solutions to provide businesses with a view of more real-time and proactive view of the overall security posture for better decision making, he added.

UEBA involves analytics around what people are doing — it’s an extremely important concept. “By and large, when you look at the breaches that occur, you are sending in a forensic expert to figure out what happened,” he said, adding that UEBA works to detect and resolve threats as they happen, rather than after the fact.

In a world where an errant click on an email could translate to a costly security breach in an instant, it’s important that emerging technology used along with stronger end-user security awareness is crucial.

“Security is everybody’s business,” Stolte said. “People in the business should be accountable for security — it’s not just a silo.”

Learn more about security trends such as UEBA in the July 2016 issue of CSO Digital

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Ryan Patrick
Ryan Patrick
Seasoned technology reporter, editor and senior content producer.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now