Blog

Building a Better SOC Based on What We Learned in 2020

Every network vulnerability opened new opportunities for hackers to infiltrate systems, steal data and wreak havoc. Several notable security incidents have left governments, private organizations, medical systems and large enterprise networks reeling. Many of these entities have discovered that their security plans are simply not up to the task of mitigating modern cybersecurity threats.

CPO Magazine: Proactive vs Responsive AI: Which One Protects Against Major Modern Adversaries in Cybersecurity?

MixMode CTO and Chief Scientist, Igor Mezic, recently contributed an article for CPO Magazine that examines the evolution of Machine Learning (ML) and Artificial Intelligence (AI) within cybersecurity, the three waves of AI, and the modern-day application of predictive AI in cybersecurity to protect against adversaries who are also utilizing AI technology.

Innovation During a Crisis: A story of PIE and Ice Cream

Some of you may have seen the “funny” statistic in the last few months that during the pandemic, ice cream sales are way up while deodorant sales are way down. Let’s just say that, for me, it’s coffee ice cream. Dessert aside, this stat does lead one to think about what other trends occur during a pandemic or a crisis when we look back at events such as world wars, the Great Depression, the Global Financial Crisis (GFC) of 2007-08, etc.

Our Top 2020 Cybersecurity Insights

The transition from office to remote environments was abrupt and one of the most defining moments that the cybersecurity industry and professionals faced in 2020. We wrote about the top issues CISOs were facing throughout the year but also doubled down on sharing insights about the evolution of next-generation SOCs, the failure of SIEM platforms as organizations are experiencing them today, and how self-supervised AI fits into the equation.

Russian Hack of U.S. Federal Agencies Shine Spotlight on SIEM Failures in Cybersecurity

In what the New York Times is calling, “One of the most sophisticated and perhaps largest hacks in more than five years,” malicious adversaries acting on behalf of a foreign government, likely Russian, broke into the email systems of multiple U.S. Federal agencies including the Treasury and Commerce Departments.

MixMode in the Real World: Customers Turn to MixMode Frustrated and in Search of a Viable SIEM Alternative

SIEM has failed to meet the needs of enterprises in the modern threatscape. One huge reason for this is that over time, most organizations will come to the sad realization that they will never achieve a full enterprise deployment of their SIEM. By its very nature, SIEM is always “in process.” It’s not unusual for an organization to have an SIEM in process for a full decade.

Techiexpert: How Predictive AI Protects Against Ransomware, GANs and More

MixMode CTO and Chief Scientist, Igor Mezic, recently contributed an article for Techiexpert that examines three modern AI adversarial attacks, the financial toll they are having on some of our most important systems (including healthcare), and how predictive, third-wave AI is the only future-proof cybersecurity solution to protect organizations from these intelligent attacks.

Featured Use Case: Why a Large US Utility Company Turned to MixMode to Address Utility Grid Vulnerabilities

A large utility company approached MixMode with the following scenario: The enterprise SOC was utilizing a shared SIEM application that was being utilized by several stakeholders: the networking team, the SCADA team, the dev-ops team, the compliance team and cybersecurity teams for “basic search and investigation of log files to meet regulatory compliance requirements”.

Recent Ransomware Attacks on U.S. Hospitals Highlight the Inefficiency of Rules-Based Cybersecurity Solutions

A number of recent high profile ransomware attacks on U.S. hospitals have demonstrated the urgency for organizations, municipalities, and critical services to take a proactive approach to protecting networks with a predictive AI solution.

How Vendors Capitalize on SIEM’s Fundamental Flaws

Because the fundamental nature of SIEM requires infinite amounts of data, security teams are forced to constantly wrangle their network data and faced with an unmanageable number of false positive alerts. This means they have to devise efficient ways to collect, organize and store data, resulting in an incredible investment in human and financial resources.

The Case Against Using a Frankenstein Cybersecurity Platform

The cybersecurity market has, simply put, been cobbled together. A tangled web of non-integrated systems and alerts from siloed systems. Enterprises are now being forced to utilize a “Frankenstein” of stitched together tools to create a platform that might cover their security bases.

Improving on the Typical SIEM Model

Despite its inherent flaws, today’s SIEM software solutions still shine when it comes to searching and investigating log data. One effective, comprehensive approach to network security pairs the best parts of SIEM with modern, AI-driven predictive analysis tools. Alternatively, organizations can replace their outdated SIEM with a modern single platform self-learning AI solution.