Author: FlowTraq

What Visibility Should Mean to You

By FlowTraq | May 12, 2016


Cyber security threats continue to grow. This evolution is seen in the sheer numbers of attacks, as well as the sophistication and complexity of attacks. Hackers are better funded and armed with more tools than ever. Hacking tools used for high-level security breaches, data theft and corruption, ransomware, and the infiltration of malware are readily available to hackers on the Dark Web. Shouldn’t your security tools be just as advanced, comprehensive, and powerful?

IT professionals often toss around the term ‘visibility’. Better visibility into the network, better visibility of systems and applications, better visibility of the end users and their devices, etc. But visibility should mean far more than simply the ability to see what’s going on in your network right now. It ought to mean visibility into the past, present, and even the future of your network and systems. Here’s what a comprehensive, fully-visible, network monitoring tool can do for your IT infrastructure.

What Has Happened in the Past

‘Leaving the past behind’ isn’t the best course of action when it comes to network security. You need to understand what happened in order to build better measures to stop similar events in the future.

Usually, a network that has been hacked once is likely to be hacked again. Once a vulnerability has been discovered, hackers will exploit it repeatedly, sometimes to get more information from an easily accessible source and other times simply for the fun of it. That’s why it’s important to have 100 percent visibility into what has already happened. Exactly what vulnerabilities were exploited? What can be done to close those network security gaps? Explore areas like software and firmware that weren’t kept updated, user training issues, whether an inadequate mobile use policy played a part in the attack, and other potential lapses in network security.

What Could Happen in the Future

‘What could happen’ is why IT invests so much in firewalls, antivirus and antimalware protection, and other preventative measures. These are your preventative maintenance tools that stand in the way of overt and predictable attacks. The problem lies in depending on these tools to prevent all attacks, instead of continually assessing your vulnerability to sophisticated hacking tools and techniques that know how to subvert modern protective measures.

What is Happening Right Now

Network monitoring allows you to gain visibility into network traffic so that you can detect and stop any intruders that have managed to make their way around your security measures.

There’s a cat-and-mouse game that has played out between the ‘good guys’ and the ‘bad guys’ for millennia. The good guys get better protective weapons, then the bad guys get better attack weapons, forcing the good guys to up their game once again. It played out in the days of train robbers, during the Cold War, and it’s happening again in the arena of cyber security. That’s why strong network monitoring tools are so essential. Antivirus software and firewalls are like locks on your doors — these tools prevent someone waltzing in without much effort, but they don’t stop those willing to put forth the effort to get around those barriers. Network monitoring is how you catch the savvier villains once they’ve made their way past your gates and locks.

What Happens Following a Network Security Breach

“After action” is as critical as anything you do before an attack. An after-action plan is multifaceted. It includes cleaning up the mess left behind after an attack, but it also focuses on collecting forensic evidence of the attack. That forensic evidence can be used to help stop future attacks, but might also be crucial for bringing the hackers responsible to justice.

Do you truly have visibility into your network, including what has happened, what may happen, and what’s happening right now? Learn more about the modern era of multifaceted network monitoring and security when you download The Big Book of Network Flows for Security.

The Dangerous “Three Vs” of Big Data

By FlowTraq | May 9, 2016


Big Data. It sounds intimidating. It certainly sounds important. It even sounds dangerous. It can be all three. While Big Data has revolutionized the entire world of operations and commerce, there are three ‘Vs’ (notice how much that looks like ‘versus’) of Big Data that make network security more important than it was even a decade ago. The ‘Three Vs’ are: volume, velocity, and variability, meaning more data to secure, and having to secure it as its velocity accelerates and changes. The three Vs need to be taken seriously as the security issues that they are.

The Volume of Big Data

Think there’s a lot of data now? Wait until year after next, when there will be twice this amount to store and keep secure. Or, wait another five years, when there will be five times this much to contend with.

This is the single factor that most people relate to ‘big data’. It certainly is voluminous, and that poses many challenges when it comes to securing it. After all, it’s much easier to guard a single chicken coop than to try to secure the entire San Diego Zoo. Network security becomes even more complex when the data becomes accessible to users across the enterprise. Bits and pieces of the whole get stored, shared, and used outside the purview of IT and management — meaning that, eventually, nobody is really sure where all the data ends up. The only reliable way to ensure network security where big data is in play is with a good network monitoring solution that can identify anomalies in network traffic and pick up on oddities that indicate theft or intrusion.

The Velocity of Big Data

Big data is not simply marked by its sheer volume, however. Big data is also identified by the rapidity of its growth. Data isn’t just getting bigger, it’s getting bigger really, really quickly. Big data as we know it doubles in volume every two years — meaning that if you are struggling to store and secure a few petabytes today, you’ll be looking at 4.5 times that amount of storage within five years. You’ll also be faced with securing that massive volume of data. Concurrently, the velocity of attacks on that data is increasing. Cyber attack volume and velocity have grown by 1,100 percent since 2009, with no slowdown in sight. More than 120,000 attacks are levied against businesses like yours every day. Network security has to be increased commensurately.

The Variety of Big Data

As the number of IoT devices nears 6 billion, the data streaming in arrives in a growing variety of formats. The variety of attacks levied against the data, devices, users, and networks is growing, too.

This is perhaps the least understood quality of big data. Big data is tremendously varied. Part of the reason for this is the Internet of Things; data is streaming in from innumerable sources at any given time. Big data comes from social networks, mobile devices and apps, user profiles, text documents, image and video files, machines and sensors, and a plethora of software systems and applications.

Similarly, the variety of attacks has grown considerably. While the DDoS and data breach have been mainstays in the world of network security, those seem trivial next to the new waves of malware, ransomware, phishing scams, social engineering attacks, and other high-level attacks that are becoming more frequent and sophisticated by the day. Unless your network security solutions can detect and manage this type of variety in attacks, it’s only a matter of time until you are hit with (at least) one of these threats.

See how today’s top-notch network security solutions can protect your business in the age of big data by scheduling a demo now.