Today’s dynamic threat landscape: Threat Hunting in Action

The dramatic increase in cyber-breaches, alongside the ever-growing talent shortage, is putting many businesses in difficult-to-defend positions. According to the Cisco Annual Security Report, only 53% of companies believe “they have a good system for verifying that security incidents have actually occurred.”

Take control of cyber threats in your environment

Many global businesses are now realising that they cannot simply sit back and wait to be alerted to cyber threats or, worse yet, to be contacted by law enforcement and informed about a security breach affecting their systems. In order to keep up with the rapidly evolving threat landscape, it is important to have a layered approach to tackling emerging threats.

Much like regular penetration tests should be carried out to identify the effectiveness of security controls, you should be proactively performing threat hunting activities to maintain the health of your network and to ensure critical data is safeguarded.

Stop bad actors in their tracks

It is a Friday afternoon and you are gearing up for a nice relaxing weekend. But then your phone rings: it is your manager. He has heard about a new strain of malware and wants to know: “Are our systems safe?”

First of all, how can you know for sure that a cyber threat has evaded your security controls and is now inside your company network? Yes, you can search through endless information online about the threat or analyse network logs to find suspicious behaviour or inconsistencies. But realistically, this method of threat hunting could take weeks to identify if and how the threat got in and what damage it has caused. And I very much doubt that your manager will be happy to wait this long for a response!

Cisco threat intelligence

However, there is a much better way to hunt for these network threats. Cisco security products give you the ability to proactively search for threats and conduct incident response activities with a set of integrated tools. These tools not only give you visibility into the full scope of the breach; once a malicious threat is discovered, it can also be instantly blocked everywhere. By combining threat intelligence with device-level security context, you can detect threats more quickly and accurately. You can also automate manual threat research tasks, incident prioritisation and remediation. Thus, your ability to investigate threats and resolve incidents will be faster than ever before!

The Cisco Security portfolio uses Talos threat intelligence to update its threat feeds every 3 to 5 minutes. Talos is a team of 300+ threat researchers at Cisco who block 20 billion threats and analyse more than 600 billion emails daily. This intelligence gives an invaluable insight into the global threat landscape and is the backbone of the entire Cisco security portfolio.

Why hunt for threats?

  • An approach that proactively hunts for malicious cyber threats will help you build a more impenetrable security posture
  • You will gain greater visibility of what is happening in your network and a much deeper understanding of the potential cyber risks you face
  • While you may be confident that your security controls will block 99% of malware, what about that one percent of threats which bypass security defences? You can no longer simply rely on prevention to keep critical data safe
  • Having a robust security posture must involve proactively hunting for the most sophisticated threats that can compromise your data and disrupt vital services

Become a threat hunter: Cisco threat hunting workshop, 12th February, 9.30am to 13.00

On Tuesday 12th February, we are running a threat hunting workshop alongside Cisco in Birmingham City Centre.

This workshop is designed to teach concepts and techniques of threat hunting using integrated intelligence across the network, endpoint, and cloud. Real-world examples, such as Olympic Destroyer, Bifrost, and Poweliks, will be shown in this training lesson.

By attending Cisco’s free threat hunting technical workshops, you will learn how to:

  • Identify advanced threats
  • Assess the exposure to the business of these threats
  • Reduce the time to remediate by applying organisation-wide controls – all from a single console, a first for Cisco
  • You will also get free 90-day access to the console, as well as endpoint security and DNS security products, to apply the techniques to your company environment

Places are extremely limited in order to keep the threat hunting experience hands-on, so please register your details to secure your spot. *This course is for a technical audience; please bring your laptop to ensure you can participate in the lab sessions.