Software company SAS Institute believes it has a leg up on other security solution vendors because while other companies resort to integrating advanced analytics into their products, SAS has a proven analytics platform on which its latest offering can depend on.
SAS Cybersecurity “approaches cyber threats as a business problem,” according to Bryan Harris, director of research and development for cyber analytics at SAS.
The solution correlates and analyzes billions of daily network transactions with business contextual information across organizations such as asset data, functional business role, and existing security alerts. SAS Cybersecurity “optimizes” then analyzes data in real-time to come up with a “continuous picture of active security risks.”
This allows security administrators to achieve a comprehensive view of normal versus abnormal activities.
Attackers are able to implant malware that remain undetected for months, according to Ray Boisvert, CEO of I-Sec Integrated Strategies and former assistant director of intelligence at the Canadian Security Intelligence Service (CSIS).
“On average attackers are able to have access to the network for about 229 days and by the time they are detected, it is already too late,” he said. “There is a huge gap in the cyber security market for solutions that can identify and separate real security threat signals from the noise.”
Boisvert said many vendors tend to cobble together solutions that only end up providing security administrators more data than they actually need.
“Some solutions only end up being a disservice because users end up drowning in threat data,” he said.
Among the features found of SAS Cybersecurity are:
Contextual data enrichment – This augments network flow with business information and external threat data to enable detection of cyber risks based on a customer’s specific business workflows
Right-timed multilayered analytics – Provides faster and deeper situational awareness with better analytics capability
Visual data exploration – Allows even users with no previous analytics knowledge or expertise to investigate risks
Continuously updated intelligence – Behavioural analytics automatically updates cyber analytics models based on new events, new data and new context
Cost-efficient data storage – Cybersecurity reduces storage footprint by saving only relevant data for analysis
Hackers’ reconnaissance activities are shrouded within massive amounts of data and are difficult to detect. “In addition, existing security solutions generate too many alerts,” said Harris. “By harnessing and enriching all this data in real-time and applying complex, behavioural analytics, SAS Cybersecurity adds an essential layer of cyber defence.”
The new solution is able to detect the “subtle reconnaissance” conducted by attackers, according to Harris.
He also said users do not have to be analytics experts to obtain insights fast from Cybersecurity. The solution produces a prioritized list of network devices that are exhibiting risky behaviour that require immediate attention. This reduces the number of alerts.
SAS Cybersecurity will be aimed at large enterprise organizations particularly in the finance sector and the utility sector.
Harris said SAS Cybersecurity will be released through SAS this fall