To help enterprise organizations keep up with the constant onslaught of cybersecurity threats, Verizon is enhancing its Managed Security Services portfolio with a new advanced monitoring service and next-generation web-based portal.
Verizon found that one of the greatest challenges for companies that want to prevent security incidents is the lack of visibility into early attack indicators and signs of misconfiguration or non-compliance with security policies.
“Today, organizations are fighting an uphill battle when it comes to protecting their data,” said Mike Denning, vice president of global security solutions, Verizon Enterprise Solutions. “By providing highly sophisticated data synthesis and analysis for enterprises, Verizon is helping change the game in the fight against cybercrime.”
According to the Verizon 2014 Data Breach Investigations Report, 84 percent of attacks took an average of minutes or less. The report also found 66 percent of breaches studied take months to discover, with the vast majority (69 percent) found by third parties, and only 9 percent of organizations found the breach themselves.
“It is this gap between compromise and detection that allows attackers to carry out multi-stage attacks and damage an organization,” said Denning. “With these new capabilities, Verizon aims to shrink the compromise-to-detection gap to minimize damage suffered by organizations.”
An in-depth look at Verizon’s latest capabilities
Verizon is rolling out its new NetFlow Monitoring service that is focused on analysis of client Netflow data samples from the Verizon IP backbone network. By using automated analysis of suspicious IP communications, the cloud-based service helps clients discover the risk to their organizations by monitoring and analyzing indicators of compromise in Netflow traffic.
The client-specific data source is correlated with findings from the Verizon Cyber Intelligence Center (VCIC) which serves as the hub for all threat analytics and intelligence gathering, enabling a 360 degree view of the global threat landscape.
Intelligence feeds include data from Verizon’s:
- Global Security Monitoring and Management Service with 24x7 operations around the world
- Incident response work
- Forensics findings
- Malware analysis and fraud trend analysis
- Data Breach Investigations Report database
Through these feeds, Verizon can identify types of behaviors and indicators of specific attackers, with the goal of breaking the attack chain and identifying attacks before the cybercriminal does lasting damage or steals sensitive information.
"Determining whether Internet traffic is malicious based on 'what it is' simply is not good enough for today's cyber reality; it is like applying two-dimensional security in a three-dimensional world," said Frank Dickson, Industry Principal at Frost & Sullivan. "Verizon takes a step forward with its NetFlow Monitoring Services, augmenting its state of the art cyber intelligence with network traffic data. The combination provides enhanced indicators of compromise. In a world of constant evolving malware, behavioral detection techniques like Verizon’s are leading the way for enhanced protection."
Netflow Monitoring Service findings are available to clients via the Security and Compliance Dashboard which was recently enhanced to provide better visualization and interaction; a better analytics engine; and better log storage technology.
With these enhancements, clients can more easily see a visualization of an attack as well as all of the associated events and logs. The newly updated portal supplies an incident summary, with efficient drill down to raw log data for investigation plus additional sorting, filtering and customization capabilities. It also includes event status for customized data modeling to provide answers to specific administrator queries.
Verizon’s managed security services portal also provides revamped monitoring reports that expose trends and performance indicators.
For more information on Verizon Managed Security Services, visit verizonenterprise.com/solutions/security