October 12, 2018
How Can an Organization Understand if It Is Under Attack or at Risk?
Every company must accept the fact that cyber criminals will eventually breach its defense perimeter. It is obvious simply because they have an unlimited number of tries and methods to avoid systems of active perimeter defense. And before they are detected attackers remain inside an organization’s infrastructure for 160-469 days. The process of detecting intruders is generally rather complex, time and resource consuming. Therefore, telling if an organization is compromised is rather challenging.
ISSP Group has more than 10 years of experience of working in the cyber domain. We have been studying the ways cyber criminals think and act, the ways they breach perimeters. We explore and develop new effective ways of detecting and stopping them. Currently our experts are engaged in two joint research programs with MIT Computer Science & Artificial Intelligence Laboratory.
If we take healthcare, every treatment starts with the correct diagnosis of a patient’s condition. Today one of the fastest, simplest and most accurate methods that play a crucial role in this process is a blood test. It helps see the precise chemical composition of one’s blood and understand the processes that happen in his/her body. Any deviations from the healthy state of the body will be shown in the blood. We need a similar method to test and tell if any given organization is compromised. A simple, affordable and reliable method that lets you bring a sample of your “digital blood” to the laboratory and in a while receive the “diagnosis”.
We’ve been working on the solution of this problem for several years and as a result of our work we now have GuardYoo. It lets you upload logs from your company`s servers to our virtual laboratory, where they are closely studied, after which you receive a detailed report. These logs usually store data for the period of up to several years. It means that we analyze 2-3 years of the slightest changes in the work of computer systems, create normal behavior models, detect anomalies, errors and evidences of compromise. All this information helps us answer the key questions: have criminals breached an organization’s infrastructure, is the organization at risk and is it mature enough in the field of cybersecurity and compliance.
Today GuardYoo gives every company of any size and specialization a feasible opportunity to arrange such testing. The service is very simple, easy to grasp and affordable. It was already used by dozens of companies, large and medium sized, from energy, transport, financial, industrial and other sectors.