Network Security

The Top 5 Considerations That Should Guide Your SOC Strategy in 2021 and Beyond

It’s evident that while organizations are spending more and more on legacy cybersecurity solutions, these platforms are not holding up their end of the deal and are not able to proactively defend in a modern, non-signature attack threatscape.

Incremental Stacking of Correlative Analysis Platforms Will Ultimately Prove Ineffective and Costly

On the surface, an “incremental stacking” approach to correlative analysis platforms like SIEM, XDR and UEBA is logical. Organizations can overcome some of the inherent limitations present in their security solutions by adding a network traffic analysis (NTA), for example. Industry analysts have been touting this approach for some time now as necessary for full coverage enterprise security.

Building a Better SOC Based on What We Learned in 2020

Every network vulnerability opened new opportunities for hackers to infiltrate systems, steal data and wreak havoc. Several notable security incidents have left governments, private organizations, medical systems and large enterprise networks reeling. Many of these entities have discovered that their security plans are simply not up to the task of mitigating modern cybersecurity threats.

Our Top 2020 Cybersecurity Insights

The transition from office to remote environments was abrupt and one of the most defining moments that the cybersecurity industry and professionals faced in 2020. We wrote about the top issues CISOs were facing throughout the year but also doubled down on sharing insights about the evolution of next-generation SOCs, the failure of SIEM platforms as organizations are experiencing them today, and how self-supervised AI fits into the equation.

Russian Hack of U.S. Federal Agencies Shine Spotlight on SIEM Failures in Cybersecurity

In what the New York Times is calling, “One of the most sophisticated and perhaps largest hacks in more than five years,” malicious adversaries acting on behalf of a foreign government, likely Russian, broke into the email systems of multiple U.S. Federal agencies including the Treasury and Commerce Departments.

Techiexpert: How Predictive AI Protects Against Ransomware, GANs and More

MixMode CTO and Chief Scientist, Igor Mezic, recently contributed an article for Techiexpert that examines three modern AI adversarial attacks, the financial toll they are having on some of our most important systems (including healthcare), and how predictive, third-wave AI is the only future-proof cybersecurity solution to protect organizations from these intelligent attacks.

Featured Use Case: Why a Large US Utility Company Turned to MixMode to Address Utility Grid Vulnerabilities

A large utility company approached MixMode with the following scenario: The enterprise SOC was utilizing a shared SIEM application that was being utilized by several stakeholders: the networking team, the SCADA team, the dev-ops team, the compliance team and cybersecurity teams for “basic search and investigation of log files to meet regulatory compliance requirements”.

Recent Ransomware Attacks on U.S. Hospitals Highlight the Inefficiency of Rules-Based Cybersecurity Solutions

A number of recent high profile ransomware attacks on U.S. hospitals have demonstrated the urgency for organizations, municipalities, and critical services to take a proactive approach to protecting networks with a predictive AI solution.

The Case Against Using a Frankenstein Cybersecurity Platform

The cybersecurity market has, simply put, been cobbled together. A tangled web of non-integrated systems and alerts from siloed systems. Enterprises are now being forced to utilize a “Frankenstein” of stitched together tools to create a platform that might cover their security bases.

The Evolution of SIEM

It should be noted that SIEM platforms are exceptionally effective at what they initially were intended for: providing enterprise teams with a central repository of log information that would allow them to conduct search and investigation activities against machine-generated data. If this was all an enterprise cybersecurity team needed in 2020 to thwart attacks and stop bad actors from infiltrating their systems, SIEM would truly be the cybersecurity silver bullet that it claims to be.

3 Reasons Why a Rule-Based Cybersecurity Platform Will Always Fail

When it comes to advancements in cybersecurity, rule-based systems are holding the industry back. Relying on humans to constantly input and label rules in order to detect and stay ahead of threats is a bottleneck process that is setting security teams up for failure, especially with tools like SIEM, NDR, and NTA.

Data Overload Problem: Data Normalization Strategies Are Expensive

Financial institutions spend five to ten million dollars each year managing data. A recent Computer Services Inc (CSI) study reveals that most banks expect to spend up to 40 percent of their budgets on regulatory compliance cybersecurity, often adopting expensive data normalization strategies.