With an eye on bolstering its cybersecurity product offerings in a growing security market, San-Francisco-based Bay Dynamics recently raised US$23 million this month in funding.
The risk analytics startup offers a “risk fabric” security framework that aims to automate the process of detecting, analyzing and remediating cybersecurity threats.
According to Bay Dynamics CTO Ryan Stolte, a key component of the company’s current focus is on user and entity behaviour analytics (UEBA) solutions, a technology research firm Gartner recently touted as a security product to watch in 2016.
UEBA enables broad-scope security analytics — the security approach revolves around data analytics, integration and visualization to both detect bad actors and enhance alert quality. Gartner predicts the UEBA market revenue to rise to approximately US$200 million by the end of 2017, up from less than $50 million at present.
Indeed, vendors including Cisco, Intel, Dell, and IBM have been looking to improve their security offerings to cope with ever-increasing global cybersecurity threats. Solution providers in this market, including those in the cloud access security brokers (CASB) space, currently leverage UEBA functionality to ensure security and visibility into enterprise use of SaaS applications.
“Information security teams and infrastructure must adapt to support emerging digital business requirements, and simultaneously deal with the increasingly advanced threat environment,” said Gartner vice president Neil MacDonald.
Tools such as UEBA shouldn’t be seen as a cure-all but rather a key to resolving the issue of security threats within the enterprise perimeter by determining legitimate activities versus potential threats across the enterprise, Stolte told IT World Canada. It takes into account that human error often accounts to successful malware attacks, including employees who typically have the technology and identity credentials to access sensitive internal information.
For example, UEBA can detect unusual user activity — such an employee repeatedly transmitting internal information to an outside party — by reviewing user applications and endpoint assets to determine legitimate versus potentially malicious user behaviour.
The big idea is to bring data together from all of the different silos of security data that businesses have out there, including endpoint protection tools, asset management systems, said Stolte. From there, it’s about combining raw information and log data from traditional firewalls and perimeter solutions to provide businesses with a view of more real-time and proactive view of the overall security posture for better decision making, he added.
UEBA involves analytics around what people are doing — it’s an extremely important concept. “By and large, when you look at the breaches that occur, you are sending in a forensic expert to figure out what happened,” he said, adding that UEBA works to detect and resolve threats as they happen, rather than after the fact.
In a world where an errant click on an email could translate to a costly security breach in an instant, it’s important that emerging technology used along with stronger end-user security awareness is crucial.
“Security is everybody’s business,” Stolte said. “People in the business should be accountable for security — it’s not just a silo.”