“Cybersecurity is inherently a defensive capability, but organizations should not wait to become victims.” says Paul van Kessel, global risk leader, EY upon release of the company’s latest Global Information Security Survey, which reveals that 88% of respondents do not believe their information security structure fully meets their organization’s needs. With the growing sophistication of cyberattacks, building a robust system to proactively counter threats is a priority for most large enterprises. The recently announced partnership between Bay Dynamics and Skyhigh addresses this need by providing organizations with threat protection and incident remediation capabilities both on-premises and in the cloud.
Bay Dynamics analyzes enterprise systems data including asset, configuration, compliance and organization data and provides visibility into threats and remediation options to IT and Security teams. Skyhigh extends these capabilities to the cloud by analyzing usage to detect anomalous behavior indicative of a security issue. By analyzing cloud activity across multiple heuristics, Skyhigh develops a behavioral model for a specific user, group, and time period and uses this to detect deviations from normal usage and accordingly assess threats. This information can be fed back to Bay Dynamics systems for incident remediation. For example, if a Salesforce account is accessed from a country where the company has no business, Skyhigh immediately flags a ‘compromised account’ anomaly and sends this information to Bay Dynamics, which alerts the Infosec team monitoring its Security Operations dashboard. The team can immediately investigate and restrict access, thus protecting their customer and financial data. The seamless integration between Skyhigh and Bay Dynamics allows companies to leverage existing workflows and not have to rework remediation processes.
Organizations are vulnerable to threats both from the cloud and on-premises. This includes risks from insiders exfiltrating data via unsanctioned cloud services or leaking sensitive data from sanctioned services such as Salesforce and Office 365. This can also include the risk of a security breach from a trusted third party with whom you collaborate using cloud services. Any one of these risks can expose a company to a potential data breach. In spite of the devastating impacts of a data breach being highly public (Target estimates that it has paid $252 million in managing its 2013 data breach crisis), many companies are still behind in their cybersecurity implementations. The EY survey finds that 36% of the responding companies do not yet have a threat intelligence program and 18% do not yet have an identity and access management program. By taking a holistic approach and deploying solutions that provide robust threat protection for both on-premises and cloud activity, companies can better counter potential data breaches before they land them in the headlines.
Learn more about the Bay Dynamics – Skyhigh Networks partnership here.