Businesses are failing to spot signs of potential cyber-attacks by not keeping a close enough eye on all their data.
That’s the view of Juniper Networks, which has called for a shake-up in how companies are able to identify potential online risks.
The company has just revealed a number of enhancements to its Software-Defined Secure Networks (SDSN) platform, allowing companies far more insight into the huge amounts of information they produce every day.
Speaking to ITProPortal at the InfoSecurity 2017 event in London this week, it’s clear that Juniper Networks is looking to push the use of what it calls “actionable insights” to allow companies to get the most use out of their data.
"We're trying to give an organisation the information to improve their security from their own data,” said Lee Fisher, Juniper Networks security specialist. “If you consider all the big data initiatives underway today, and how they are helping business transform the way they work...why aren't you using that information to protect yourself?"
"Most hacks and attacks that we see today, the community gets to know about someone being hacked at the same time as the CISO," added Laurence Pitt, security strategy director at the company, highlighting the knowledge gap that is all too common often today.
Companies these days generate so much data in their day to day processes, it seems odd that this is not utilised more fully for wider tasks such as cyber-security.
More importantly, what systems such as anti-virus scans are not finding could be crucial in preparing and deploying advanced protection in the future.
Identifying what is normal behaviour for users on a network is as useful as detecting malicious habits, such as huge numbers of file overwrites happening in the space of a few minutes.
Juniper is now looking to help streamline this process, with the company’s SDSN policy enforcer offering taking this knowledge and applying rules that can be used to spot strange trends or behaviour, allowing companies to spot a threat before it takes off.
“The focus is usually looking for malware - but that's wrong,” Pitt says, “what we should be doing is looking for anomalous behaviour."
"Most of this data is already there - what we're building is the inference of it,” added Fisher.