Cygilant: Taking a behavioral approach to cybersecurity - how to help universities and colleges stay one step ahead of their adversaries
As the new school year gets underway, join LogPoint’s Jake McCabe as he discusses how thinking about security from the perspective of adversary behavior can help universities better prepare for, detect, and respond to threats.
Too often, security organizations focus on signatures and IOCs to alert them to threats in their environment. However, this myopic focus can often leave them blind to the bigger picture, unable to ‘see the forest for the trees’. By focusing instead on adversary behavior, security teams can make it more difficult for their adversaries to evade detection, and they can even begin to predict where their adversaries might strike next.
The MITRE ATT&CK framework is one tool colleges and universities can use to take a behavioral security approach. The framework can help security teams assess risk, drive informed decisions, and help them to better understand how their adversaries typically behave.
User and entity behavioral analytics (UEBA) provides another avenue by which universities and colleges can take a behavioral approach to security. UEBA complements and improves the fidelity of traditional signature-based detection methods, enabling security teams to distinguish adversary behavior from normal behavior. It does so by looking for anomalies or changes in behavior and then analyzing sets of anomalies that together could be indicative of particular adversary techniques.
Jake will discuss how these two approaches to behavioral security can be taken together and how LogPoint can help universities and colleges improve their security posture by helping them take a more behavioral-focused approach to security.