NetWorks Group Blog

Effective Daily Log Monitoring for PCI

Posted by NetWorks Group on Feb 1, 2018 10:55:04 AM

Security technologies such as firewalls are meant, at best, to prevent data security breaches, or at worst, detect them before they get out of hand; but in some cases, organizations have been complacent. In the infamous Target data breach of 2013, hackers were roaming their system and stealing data for two weeks before the breach was even detected. In the equally egregious breach of Heartland Payment Systems five years earlier, hackers were stealing data for several weeks before the invasion was discovered. Ironically, both Heartland and Target were PCI-compliant, but the time lag between system compromise and detection was unnecessarily long. And, they’re not alone in this regard. 

Read More

Topics: PCI, Compliance, Security Monitoring, Managed Detection & Response

Protect. Detect. Respond: The Case for Managed Detection and Response

Posted by NetWorks Group on Nov 27, 2017 10:49:18 AM

Cyber security is on the mind of every business executive in the world. Modern security challenges are not easy to fix or even identify, and despite some misleading advertising from vendors, there is no one-size-fits-all solution. We frequently observe large visibility gaps in existing security implementations, providing even obvious red flags to slip under the radar. Firewalls and traditional antivirus software are important, but only react to known threats. Too many organizations rely on passive preventative technology for network security. Good attackers employ stealth and polymorphic tools that defy signature-based detection, allowing them to bypass these technologies all together. We must assume that threats will get in, and no system is impenetrable.  

Read More

Topics: Information Security, Managed Detection & Response, Threat Management, Security Monitoring, Threat Hunting

Threat Detection - Logs, Log Sources and Analysis Make All the Difference

Posted by Matt Warner on Oct 10, 2017 9:25:00 AM

Threat detection has grown to a complex and messy activity in organizations. Many utilize Security Information and Event Management systems which can play a critical role in today's enterprise.  In order to do their job, SIEMs depend on the logs generated by the enterprise's various systems. Sounds simple enough. However, in a typical Fortune 500 company scenario, an astounding amount of log data is generated. It's not at all unusual to see 10 Terabytes of plain text per month. Fact is, there can be hundreds, even thousands of sources of log data in the typical enterprise. Even small and medium sized businesses will be overwhelmed trying to collect, analyze, and store their log data. The questions are, then, “Can you collect AND analyze them all? Should you? Will the the infrastructure support storage and ongoing detection? Do you have the expertise in place to analyze logs and maintain the infrastructure to do so?”  

Read More

Topics: Information Security, Security Monitoring, Managed Detection & Response, Threat Hunting, Threat Management

Estimating Total Cost of Ownership of Your SIEM Deployment

Posted by Jyothish Varma on Aug 18, 2017 11:15:33 AM

Are you in the market exploring options for security log monitoring and management? If so, I’m sure you are inundated with requests for a meeting from various SIEM (Security Information and Event Management) vendors.

Read More

Topics: Managed Detection & Response, Threat Hunting, Threat Management, Information Security, Security Monitoring, Incident Response

5 Reasons Why Security Log Monitoring Is an Effective Part of Any Cybersecurity Framework

Posted by Jyothish Varma on Aug 9, 2017 9:53:54 AM

A comprehensive cyber security framework consists of several components, and one of the most important among them is security log monitoring. Without an effective security log monitoring and management policy in place, a company runs the risk of non-compliance, and perhaps fines, if there is ever a data breach. In order to maintain compliance with guidelines laid out by laws like HIPAA, and frameworks such as PCI, companies need to have an effective security monitoring solution in place that can help them collect and analyze log information so they can detect and respond to cyber attacks.

Read More

Topics: Security Monitoring, Managed Detection & Response, Information Security, Compliance

Protecting Your Business' Healthcare Data

Posted by Jyothish Varma on Jun 8, 2017 3:20:00 PM

Key findings from Verizon DBIR report for the Healthcare Industry

As an information security professional, it can be difficult to know where to concentrate your efforts. Some threats are overly hyped, while others slide in under the radar.

Read More

Topics: Information Security, Healthcare, Managed Detection & Response, Security Monitoring, Threat Management

Cybersecurity Skill Shortage in Critical Infrastructure Industries

Posted by Jyothish Varma on May 18, 2017 1:48:00 PM

Essential Infrastructure in Peril 

Critical infrastructure industries are a required foundation for a functional society. Without these sectors, vital services and products are unavailable. Health care, finance and manufacturing are three examples of markets that fall under this designation. The huge shortage of personnel with cybersecurity skills puts this essential infrastructure in peril. The demand for these experts is higher than the supply, making it difficult for organizations to appropriately protect themselves from cybercriminals. In the United States, only 66.7 percent of employer demand is met. It's even worse in other countries, with Israel only filling 28.4 percent of demand. 

Read More

Topics: Managed Detection & Response, Device Management, Threat Management, Information Security, Security Monitoring, Vulnerability Management, Ethical Hacking

Red Teaming - Is it right for you?

Posted by Michael Walker on Jan 28, 2015 4:17:00 PM

In this post, I'd like to talk about how to actually apply the concept of “red teams” in your enterprise.  First, and foremost, red teaming for cyber security refers to the concept of a small team of hackers reviewing an organization to determine if they can gain access to critical assets.  This may not sound much different than a penetration test, but one crucial piece is almost non-existent in a red team exercise:  scope.  A red team will utilize a web application, mobile platform, physical, social engineer, and network tester as part of a team whose goal is to profile the organization and gain access.

Read More

Topics: Ethical Hacking, Penetration Testing, Managed Detection & Response, Security Monitoring

NetWorks Group is Hiring: Come Join Our Team!

Posted by NetWorks Group on May 6, 2013 9:17:00 AM

If you're a fan of delicious restaurants, awesome concert venues, Big 10 sports, or just a bike-friendly city, then you should probably be working with us in beautiful downtown Ann Arbor, Michigan. The team at NetWorks Group works at the corner of Main and Huron, a central-point to blocks of great places to shop, eat, and relax at. Located a short distance from the University of Michigan, NetWorks Group benefits from the feeling of both a college-town and an active business hub for southeastern Michigan. For a vibrant mixture of cultures, architecture, and activities, Ann Arbor is hard to beat!

Read More

Topics: Ethical Hacking, Information Security, Managed Detection & Response, Penetration Testing, Security Monitoring, Threat Management, Threat Hunting, Device Management, Compliance, Security Architecture Review, Incident Response, Vulnerability Management

Come Chat with NetWorks Group at an Upcoming Event

Posted by NetWorks Group on Apr 17, 2013 3:10:00 PM

At NetWorks Group, we put a lot of value in interacting in person with the various technology communities important to our team. More than that, we love to be able to meet with customers and people looking to find out more about what we do and how our team could help yours achieve tough goals.

Read More

Topics: Ethical Hacking, Managed Detection & Response, Information Security, Security Monitoring, Penetration Testing, Vulnerability Management, Threat Management, Compliance

Subscribe to our blog!