With just over 13 months to go until the General Data Protection Regulations (GDPR) becomes effective, if your organisation has not started the process of getting GDPR ready then it is high time that you begin. Remember that the GDPR affects every organisation however big or small that processes personal data – which is any data which alone or together with other data held by the organisation can identify a living individual. As most organisations will process personal data on behalf of their employees, there are very few organisations therefore to which the GDPR will not apply.
The first thing that you need to do is carry out a data inventory in order to understand what personal data the organisation holds. Who has given the organisation personal data? What personal data have they given the organisation? What happens to the personal data after it has been collected? The more personal data that the organisation holds obviously the greater this task will be. If you are concerned that your IT systems may hold personal data that may be missed during the data inventory, then there are tools in existence which can scan for personal data hiding on your systems. If you require assistance in this regard contact sales@ward.ie.
Next month’s blog will look at how to carry out an analysis of where your organisation is in relation to GDPR compliance and where you need to be by May 25th 2018.
At Ward Solutions, women have made significant contributions to our organisation since our foundation. We recognise the benefits of having high levels of female participation at all levels in our organisation.
Traditionally there is an underrepresentation of women in STEM careers. Of the 118,000 people working in Stem in Ireland, just 25% are women. This is not just an Irish problem. Less than 7% of tech positions in Europe are filled by women. In the US, for example, only 18% of undergraduate computer science degrees and 26% of computing jobs are held by women, according to Girls Who Code. This is worse at the top of the corporate world where just 5% of leadership positions in the technology industry are held by women.
Ward Solutions is very pleased to buck this trend, as we’re ahead of these figures for female participation in our organisation. Currently, there is a 25% to 27% female participation overall in the company. This breaks down as:
10% participation at technology consultant/engineering level
Looking at our own levels of female participation we need to address the underrepresentation at the technology level, while continuing to add and improve at all other levels in the company.
Creating an environment and culture based on merit and equality without stereotyping or discrimination enables Ward Solutions to achieve and maintain high level of female participation. This is not something that happens by accident but is something that is carefully fostered and developed in Ward. It is done by equally recognising success, ambition, contribution, and alternative perspectives and ideas and by being flexible. Having a gender balance is essential in creating a diverse, happy and successful workplace.
We are proud of the level of female participation in Ward and are working to forge a better and a more inclusive, gender equal world.
Shadow IT, a term that refers to the implementation and utilisation of IT solutions and platforms without explicit organisational authorisation, is the hidden threat at the heart of many Irish organisations. While the impact of shadow IT was initially limited, the growth of cloud services and mobile working has prompted many employees to adopt services that enhance their ability to work on-the-go without first seeking approval from the IT department. As a result, IT departments don’t have the oversight that they once did. Over the course of our next two blogs we’ll take a look at the concept of shadow IT, how and why it comes about and what you can do to prevent it.
By 2020, a third of attacks on enterprises will be directed at their shadow IT resources
Once a relatively obscure concept, shadow IT is a term that has gained widespread prominence due to the potential financial and reputational damage posed to organisations by increasingly sophisticated cyber security threats.
The term refers to software that is rolled out without the authorisation of the IT department and therefore exists on an organisation’s network without the knowledge of the teams responsible for maintaining the security and integrity of the network. For this reason, shadow IT can leave sizeable vulnerabilities in a company’s information security strategy, leaving them open to attack. A recent report from Gartner found that by 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources.
Shadow IT traditionally stemmed from workers rolling out new programs within the network to fill perceived gaps in their existing software suite. This highlights that shadow IT rarely arises through malicious intent, but through employees trying to be proactive. Many organisations have now put better controls in place, restricting the ability to install new programs on the network to system administrators. Whether or not your business is in the cloud, chances are your employees are
However, with the proliferation of cloud services, the challenge of combatting shadow IT has expanded outside the network. Users can access cloud apps without installing any programs on the network and as a result, the utilisation of these services will often go undetected. The only sign that anything unusual is going on is a higher rate of traffic coming through the company firewall.
The key thing to bear in mind is that the majority of employees using unauthorised applications and services are not doing so with the intent of hurting your organisation, but rather to be able to do their jobs as effectively and efficiently as possible.
For example, a user that finds themselves unable to send a particular file type via email might try to be proactive and utilise file sharing application which can be used through the browser and without downloading any files that might cause the IT department to become suspicious. The danger of such an action is that the IT department has no oversight of what information is leaving (or entering) the organisation. As the majority of these services are browser-based, the firewall will not be able to automatically restrict the access to specific cloud services, or prevent data being transferred to/from those services, unless your IT team has specifically added rules to block those cloud applications. The challenge to IT is that new cloud services are becoming available at such a rate that it’s impossible for them to always know which traffic to block, and to which IPs. As a result, malicious code could quite easily penetrate your network, or sensitive information could be leaving your network to be stored in services unknown and unmanaged by your organisation.
Another consequence of shadow IT is that it can render your compliance work void. If, for example, you carry out a programme of work to achieve ISO 27001 compliance and then employees utilise cloud services without explicit approval, your organisation will no longer be complaint to the standard.
The examples above highlight the importance of educating your employees about the risks of shadow IT. The crucial point to remember is that shadow IT frequently stems from a genuine need for services or applications that your employees don’t currently have access to.
If you would like to speak to our subject matter experts for further advice, call us: 1800 718 850 or e-mail: info@ward.ie.
Ward Solutions and IBM outlined the need for companies to place increased focus on their preparations for GDPR at a recent event held in the Royal College of Physicians of Ireland in Dublin.
On Friday 10th February in the Royal College of Physicians, Dublin, Ward Solutions and IBM presented the second ‘Will GDPR drive your security strategy in 2016?’ seminar. The event proved to be extremely popular, with over 90 attendees joining from the business, insurance, telecom, legal, education, medical and IT sectors. Attendees were interested in learning how GDPR was going to affect their particular industry and what steps they could take to become compliant with the legislation.
James Cant-Parton, IBM’s software account manager for Ireland, welcomed delegates gave an outline of what the seminar would cover and introduced the speakers. Implications of the new GDPR legislation
The first section of the seminar was given by Ward Solutions Chief Technology Officer and Co-Founder, Paul Hogan and group solicitor, Aisling Hennessy who spoke about GDPR and its implications. GDPR introduces severe ramifications for businesses that fail to achieve compliance. Organisations that suffer a data breach and who are found to be non-compliant will be liable to fines of 4% of worldwide turnover or €20m, depending on which is greater. In addition there is increased scope for individuals who have suffered material or non-material damage to bring actions against companies for an infringement of their rights under GDPR.
In this section Aisling went through the key elements of the GDPR legislation and Paul spoke about the practical implications of this in terms of how it would affect businesses. Aisling highlighted how readable the legislation is, and urged those responsible for IT security to familiarise themselves with it. As well as providing an overview of the tougher sanctions that will result from GDPR, Paul and Aisling outlined areas affected by the new legislation, including: increased territorial scope, ramifications for international data transfers, new responsibilities for data processors, the need to recruit a Data Protection Officer, and much more besides.
Data flows were highlighted as a key element for companies to be vigilant about to become GDPR compliant. Related to this, Paul mentioned that international data transfers could prove to be a potential minefield for companies as third parties could hold data outside the EU. Aisling noted that, as it stands, the US Privacy Shield does not provide adequate protection for European citizens.
Paul talked about how companies must now demonstrate compliance with the new legislation and Aisling noted that GDPR is about embedding a privacy culture into an organisation.
GDPR also establishes new rights for the individual. One of these rights is the right to be forgotten, which gives individuals the right for data that pertains to them and is “inadequate, irrelevant, or no longer relevant” to be removed online.
Under the new legislation it will be mandatory for companies to report a breach of data within 72 hours of discovering the breach. Aisling and Paul discussed the role of the Data Protection Officer under GDPR and how some companies may outsource this role. Organisations that suffer a data breach and who are found to be non-compliant to the new regulation will be liable to fines of 4% of worldwide turnover or €20m, depending on which is greater. First steps towards GDPR compliance
The second section of the seminar was presented by Brendan Fay, Ward Solutions’ Principal Information Security Consultant, who talked about the steps that organisations need to take to become GDPR compliant. The final speaker to take to the podium was Allan Cahill, Ward Solutions’ Principal Secure Application Development Consultant. Following on from Brendan’s presentation, Allan discussed the range of solutions that companies can utilise to achieve GDPR compliance. Comprehensive understanding of GDPR requirements
Following the event, members of Ward Solutions’ team were on hand to answer further information security and GDPR related questions from delegates.
The event was followed by a light lunch, which provided delegates with an opportunity to network and discuss the range of topics that were presented. The event was a great success and all attendees left with a much more comprehensive understanding of GDPR, providing them with the basis to re-examine their organisations’ current data policies and procedures to ensure that they are on the right path when it comes to meeting the requirements of the new law.
For more information on what your organisation can do to ensure GDPR compliance, call us at +353 1 642 0100 or e-mail us at sales@ward.ie
On Tuesday morning, it was announced that WordPress, the blog sharing website that is used by more than one quarter of the web, had been hacked by a known perpetrator identifying as “MuhmadEmad” who has previously targeted a number of high-profile websites. Several hundred Irish websites fell victim to the attack, including ones linked to Irish Distillers, advertising agency JCDecaux, the Federation of Irish Sport, schools across Dublin and Donegal, and a modelling agency.
Having gained access to these websites, the hacker then posted a signature message in support of Kurdish anti-ISIS forces[1]. It is anticipated that many more Irish websites are vulnerable.
In January, WordPress, reported to have a 59.4% of the worldwide market share in Content Management, issued an advisory note disclosing multiple vulnerabilities identified in WordPress V4.7.1 and earlier.
On January 26th, 2017, the company released a patch, V4.7.2, to address these vulnerabilities, advising that all customers update their versions of WordPress immediately. The following vulnerabilities were reported to WordPress from various sources; additional details may be found on the official WordPress advisory note[2]:
Users who do not have correct permission are being shown the user interface for assigning taxonomy terms.
When passing unsafe data WP_Query is vulnerable to a SQL injection (SQLi). While WordPress Core is not directly vulnerable to this issue, some plugins and themes may introduce the vulnerability
A cross-site scripting (XSS) vulnerability was identified in the posts list table
However, WordPress delayed disclosing an additional vulnerability until February 1st to allow users running automatic updates time to patch their WordPress versions to 4.7.2, thereby reducing the scope of potential targets for any would-be attackers. As is clear from this attack, this unauthenticated privilege escalation vulnerability, which was identified in a REST API endpoint,[3] has now been exploited in the wild.
Ward Solutions strongly recommends that all customers using WordPress immediately review their websites for vulnerability to the above-listed exploits and patch to v4.7.2 as soon as possible. Details on how to upgrade WordPress are available on the advisory notice issued by the company. If you suspect that your website is vulnerable to attack, we recommend that you carry out a pen test as soon as possible.
If you have any concerns regarding WordPress or other potential weaknesses in your IT security, talk to the experts. Contact Ward Solutions today at sales@ward.ie or call us on +353 1 642 0100 to find out how we can help you harden and secure your website and your information security infrastructure.
Organisations need to act now to ensure GDPR compliance in time for the legislation coming into force in May 2018. Attending IBM and Ward’s GDPR seminar on February 10th can help organisations to plan their GDPR strategies. General Data Protection Regulation is set to come into force on 25th May 2018. Irish organisations now have a limited amount of time to ensure compliance. If you’re wondering whether GDPR applies to your business then this blog is for you. And if you have more questions when you reach the end then make sure to attend IBM and Ward Solutions’ free seminar on 10th February in the Royal College of Physicians, Kildare Street, Dublin 2. More information can be found below.
Ward Solutions recently revealed its cyber security predictions for 2017. Based on our end of year review, these predictions outline various areas of focus for Irish businesses for the coming year. One key finding was that most Irish organisations do not realise the scale of the challenge to become compliant with the impending General Data Protection Regulation (GDPR) legislation, which is due to come into force in May 2018.
This prediction drew a lot of attention from the media, and for good reason: GDPR will have far-reaching effects on Irish organisations that handle personal data when it comes into force next year, and, because of this, it is set to be the central topic for discussion in information security in 2017. Organisations need to act now in order to ensure timely compliance.
Many organisations have underestimated the workload required to become compliant, and by the time they realise the scale of the challenge they will be forced to seek assistance from a limited pool of knowledgeable external resources. For this reason, achieving compliance in time will end up costing a lot more than they bargained for.
Acting now will ensure that companies can start 2018 safe in the knowledge that that they will not be liable for fines of up to 4% of annual global turnover or €20M, depending on which is greater. Perhaps even more significant is the fact that organisations that fail to demonstrate compliance will be directly liable to provide compensation to persons who have suffered material or non-material damage as a result of an infringement of the regulation. Taking the appropriate action now can ensure that companies avoid any such liability.
Organisations need to start by asking themselves a number of questions to establish their current position on the compliancy ladder. The following questions can help to provide you with a good estimation of whether or not you are ready for GDPR.
Does GDPR apply to you?
First of all, it’s important to ask if GDPR applies to your organisation. Although there are a number of criteria, GDPR ultimately applies to companies that process the data of EU citizens, regardless of whether or not they have a physical presence in the EU. This is a change from the rules of the Data Protection Directive, the legislation which is being replaced by GDPR, and is an important aspect to be aware of.
Do you know where your data is located?
The results of a recent survey conducted by TechPro magazine on behalf of Ward Solutions found that one-fifth of organisations don’t know where their data is located. GDPR will require companies to have increased oversight of where their data is stored, and where it flows as it travels through the supply chain. If your organisation is involved in the large scale processing of personal data then GDPR requires you to instate a Data Protection Officer in time for the legislation coming into force.
Does your organisation require a Data Protection Officer?
GDPR requires that all public authorities and any business involved in large scale processing of personal data must instate a Data Protection Officer in time for the legislation coming into force. Appointing a DPO will be a challenge for organisations, as the suitable candidate will be expected to have expert knowledge of data protection law and practices, while also displaying sufficient understanding of IT systems and processes, data security (including dealing with cyber-attacks) and other critical data security needs around the processing of personal data. As such, organisations should begin the recruitment process for this position as soon as possible, bearing in mind that it could take a significant amount of time to find the right person for the role. For some organisations, outsourcing the role to an external consultancy or legal firm with appropriate information security, cyber security and data protection expertise might be the preferred option.
Can you demonstrate accountability?
Under GDPR, organisations will be held more accountable for the security of their data than ever before and will be expected to be able to demonstrate compliance with data protection principles. In order to safeguard their futures, organisations should, therefore, ensure that they have adequate records of all data processing operations and make sure that such records are being kept up to date.
Can you comply with the new rights?
GDPR will also introduce a number of new rights for people regarding how companies handle their personal data. Chief among these rights is the so-called ‘right to be forgotten.’ This will allow people to demand that their data be erased on a number of grounds. Where the controller has made the personal data public, they are then also responsible for informing other controllers who are processing the data to erase links to copies or replication of the personal data in question.
Have you privacy by design and default built into your business processes?
As well as the new requirements outlined above, the increased focus on data protection measures being introduced under GDPR legislation will require organisations to ensure that data protection is designed into the development of business processes for products and services. This is known as Privacy by Design and by Default. This stipulation also requires that by default, only personal data which is necessary for each specific purpose of processing is processed.
Can you detect and respond to a data breach within 72 hours?
Finally, should your organisation suffer a data breach, GDPR will require that you notify a data protection authority within 72 hours of becoming aware of it. You will be required to identify the nature of the data that has been breached and the approximate number of people affected. What’s more, those directly affected by the breach may also need to be informed.
Failure to meet the 72-hour deadline is also taken into consideration and could put your organisation at risk of receiving an even higher fine.
GDPR is one of the most significant pieces of legislation of recent times to affect organisations whose core activities involve the processing of data. With a huge number of organisations now processing customer data on a daily basis, GDPR will set the tone for the majority of conversations about cybersecurity in 2017. To help Irish businesses better understand the legislation, IBM and Ward Solutions will host a seminar entitled ‘Will GDPR drive your security strategy in 2017?’ on Friday, 10th February in the Royal College of Physicians on Kildare Street, Dublin 2. Information security and privacy experts from IBM and Ward Solutions will highlight the considerations and prioritised Information Security activities that you need to be undertaking in 2017 in order to become GDPR compliant. The event is free to attend and those interested in attending should register now at https://www.ward.ie/insights-news/GDPR/
IBM and Ward Solutions will co-host a seminar on Friday, 10th February, aimed at setting Irish organisations on the right path towards GDPR compliance.
This event is now fully booked.
If you would be interested in attending a similar event at a later stage please submit your details below and you will be added to our contact list.
Event Announcement: Seminar: Will GDPR drive your security strategy in 2017? When: 08.30 – 12.30 Friday, 10th February 2017 Where: Royal College of Physicians, Kildare Street, Dublin 2. Admission: Free
Ward Solutions recently revealed its 2017 cyber security predictions, chief among which was the finding that most Irish organisations do not yet realise the scale of the challenge to become compliant with the impending General Data Protection Regulation (GDPR) legislation.
Due to replace the 1995 Data Protection Directive in May 2018, GDPR will aim to offer the same data protection rights across the EU, regardless of where data is processed. Irish companies need to be prepared for the legislation, as they will otherwise be liable for fines of up to 4% of annual global turnover or €20M. Following the success of their Belfast seminar ‘Will GDPR drive your security strategy in 2017?’ IBM and Ward Solutions will co-host a similar event on Friday, 10th February in the Royal College of Physicians, Kildare Street, Dublin 2, aimed at setting Irish organisations on the right path towards compliance.
At this seminar, information security and privacy experts from IBM and Ward Solutions will discuss the changes and various implications that GDPR legislation will bring about. They will also highlight the considerations and prioritised Information Security activities that you need to be taking in 2017 in order to become compliant and outline a comprehensive approach to maintaining compliance.
Finally, attendees will hear industry-leading advice on developing information security strategies to tackle increasingly sophisticated cyber-security threats that may put their GDPR preparations and their organisations at significant risk.
This event presents an ideal opportunity for organisations to stay abreast of developments in the information security landscape, and gain awareness of how they can prepare for GDPR legislation. Admission is free and the seminar will be followed by a light buffet which will present excellent networking opportunities.
For more information and to register for the event, please enter your details above or visit https://www.ward.ie/insights-news/gdpr for more information.
Register now for Ward Solutions’ GDPR seminar, taking place on 10th February in the Royal College of Physicians, Kildare Street, Dublin 2.
Ward Solutions, Ireland’s leading information security provider, today announces its cyber security predictions for 2017. Among a number of significant warnings for business and state organisations, Ward believes that most Irish organisations do not yet realise the scale of the challenge to become compliant with the impending General Data Protection Regulation (GDPR) legislation, which is due to come into force in May 2018.
The information security provider believes that cyber criminals will change their tactics in 2017 to exploit growing fears of brand damage and escalating fines. Ward expects them to change their ransomware attacks to focus increasingly on acquiring customer data held by organisations and then threatening to disclose these data breaches to relevant authorities such as the Data Protection Commissioner. Ransom prices could increase significantly for the price of their silence.
While ransomware attacks and data breaches are set to grow this year, Ward expects that ‘breach fatigue‘ will set in amongst the general public, resulting in organisations being held more accountable by key stakeholders such as shareholders and regulators. This could result in more serious repercussions for information security, with poor incident handling and non-disclosure causing particular challenges.”
Pat Larkin, CEO, Ward Solutions, comments: “The general public are increasingly growing tired of being told that their personal data may or may not have leaked into the wrong hands. This fatigue offers huge opportunities for cyber criminals as consumers drop their guard. It also places an increased responsibility on organisations to secure and protect all of the customer and third party data that they collect and handle.”
Looking at the growing threat of cyber warfare, Ward believes that 2017 could see state sponsored cyberterrorism escalate to a point that prompts a military response.
Pat Larkin, CEO, Ward Solutions, comments: “2017 could be the year that sees a country respond to a cyber-attack with a show of military force, resulting in the first bullets or missiles flying in response to cyberterrorism. We would hope that Governments and security agencies engage in coordinated preventative measures so that this particular prediction isn’t actually realised. In Ireland, we also need to be more prepared and joined-up in our approach to the growing threat of cyber attacks too. It’s imperative that our critical infrastructures and assets are proactively protected from these growing threats. ”
Looking more closely at security threats for the business community; Pat Larkin, said, “GDPR compliance is set to be the central topic for discussion in information security in 2017. Organisations that act now to become compliant can get ahead of the crowd and begin 2018 safe in the knowledge that they are will not be liable for fines of up to 4% of annual global turnover or €20M, depending on which is greater.
“Many Irish organisations have grossly underestimated the workload required to become compliant by the time the legalisation comes into force in May 2018. When they finally realise the scale of the challenge they will be forced to seek assistance from a limited pool of knowledgeable external resources, and achieving compliance in time will end up costing much more than they bargained for.”
GDPR is a common theme running through many of the findings stemming from Ward’s end-of-year review, with the regulation to have more far reaching consequences for business than many might assume. The legislation will also affect other frameworks such as the Payment Card Industry Data Security Standard (PCI DSS), in that breaches that might previously have been kept a secret by the merchant, acquiring organisation and credit card provider, will have to be publically declared from May 2018.
Other information security developments that Irish organisations should be aware of in 2017 include an increased focus on supply chain assurance demands from business partners, as well as the effect that impending legislation will have on organisations’ cloud strategies, as they grapple with failings of due diligence, risk assessment and the implementation of effective controls. Despite this, the adoption of cloud services will continue to rise in the coming year.
Pat Larkin said: “2017 will see some continuation of the information security trends that we have witnessed in 2016, but also some new developments driven by the approaching GDPR regulation. We really hope that this year will be the year that Irish organisations move from a reactive philosophy to a holistic information security model, which will better prepare them to defend against the advanced techniques employed by cybercriminals.”
To help set Irish organisations on the right path towards compliance IBM and Ward Solutions will co-host a seminar on Friday, 10th February in the Royal College of Physicians, Kildare Street, Dublin 2. Those interested in attending should register now at https://www.ward.ie/insights-news/gdpr/
QRadar can give your IT team the edge on hackers, identifying their tactics and where the initial breach occurred. Welcome to the third and final blog in Ward Solutions’ QRadar Masterclass! In this blog we’ll take a look at the powerful analytical functionality that the QRadar platform offers, which is monitored and managed from Ward’s state-of-the-art Dublin-based Security Operations Centre.
Do you know what one of the leading causes of data breaches is? Complacency – i.e. thinking that your business is safe from digital threats even when it’s not. A recent Juniper Research study found that 75% of organisations feel secure, even though 50% have been attacked.[1] Complacency or lapses in security practices can result in critical assets not being as secure as they should be. In order to mitigate the fallout of a potential breach, organisations need to employ solutions that are capable of monitoring their whole network, while avoiding blindspots. QRadar spots anomalies that might otherwise have been missed
By monitoring the whole environment, QRadar from Ward can spot anomalies, such as changes in regular user behaviour. A change in the regular behaviour of users or identities is often one of the first signs that the network has been breached, and, perhaps, that someone’s credentials have been compromised.
QRadar can also help rule out false-positive results by pulling data from organisational identity systems, allowing Security Operations Centre (SOC) analysts to see a recent reporting or role change for the individual. QRadar can help your organisation to protect its critical data from advanced threats, and provide cost savings of up to 50% Advanced analytical processes
Ward Solutions’ managed security services are delivered from our state-of-the-art Dublin-based SOC, in which we invested €1.2m just last year. This facility enables us to provide best-in-class threat monitoring, risk assessment and incident response technologies to our clients. It is from Ward’s SOC that QRadar’s advanced analytical processes are monitored. These include:
Advanced threat detection
QRadar employs real-time analytics to raise alerts for suspect behaviour such as the transfer of abnormally high data volumes deviating from behavioural baselines and sudden changes in network traffic. Anomalies are not easily spotted by security teams, and are only discoverable by a security solution that monitors and profiles the actions of all users and entities. Critical data protection
QRadar can create a high-priority alert to prompt SOC-based security teams to investigate incidents related to processes acting on any data classified as critical. QRadar can detect when unencrypted data is transmitted and quickly remiiate the risk Insider threat management
QRadar stands out from other security products for its ability to profile entities and individuals and identify abnormal behaviour on the network.
The combination of a comprehensive set of data, business context and threat intelligence—coupled with the ability to detect deviations from normal behavior as well as recognise what behavior is not allowed or is inappropriate—provides for an extremely powerful incident detection capability. Risk and vulnerability management
When a new entity, such as a server, appears on the network, QRadar can trigger a scan to discover if it has any urgent or high-risk vulnerabilities that are exposed to potential threat sources. If any vulnerabilities are detected, QRadar can then notify the security team to prioritise the issue, thereby reducing the threat of a breach further down the line. QRadar is capable of analysing countless incidents per day, helping you to identify the greatest threats facing your organisation Unauthorised traffic detection
Since many organisations now permit employees to connect personal devices to the WiFI network, it can be difficult to identify any unauthorised devices that might attempt to connect. QRadar can detect potential threats—such as a jailbroken device, suspicious applications installed on a device, or potentially malicious Internet communications—and then trigger quarantining of the device and/or escalation to the appropriate security team for action. Forensics investigation and threat hunting
In the event that a breach occurs, and malicious software is installed on your business network, QRadar’s advanced threat hunting functionality can help your security team to reconstruct the intrusion step-by step.
What’s more, the forensics workflow enables analysts to quickly and easily build a rich profile of the malicious software and piece together the infection paths through link analysis to identify “patient zero” and any other infected parties. As a result, the security team can quickly remediate the damage and help minimise recurrences. Ward Solutions’ Security Operations Centre
Ward’s SOC is staffed by a team of information security engineers and consultants who protect businesses through prevention, analysis, detection and rapid response to a growing level of cyber threats on a 24×7 basis. The SOC uses best of breed security platforms and is underpinned by a set of operational, analytical and business technology processes and procedures, meaning that security issues are quickly and efficiently dealt with.
Contact Ward Solutions for a chance to win free security services worth €3,000 Thanks for reading our series of QRadar blogs! If you haven’t done so yet, there’s still time to sign up for a chance to win a QRadar trial. For more information on how you can take advantage of the QRadar platform and Ward’s managed service expertise contact us today. Visit www.ward.ie or call +353 1 6420100. [1] Talk Talk Business White Paper, http://response.talktalkbusiness.co.uk/Cyber_Security_White_Paper_Download
QRadar can help you to detect anomalies within the noise and effectively identify threats. Welcome back to Ward Solutions’ QRadar Masterclass, our series of blogs aimed at showing you how IBM’s QRadar security intelligence platform can help your business to tackle cyber-crime head on. Today we’re taking a look at some of the advanced features of QRadar and how they work. Visibility is critical to defending against threats
Visibility over all areas of your business is critical to defending effectively against developing threats. However, while it is imperative to collect and store all original data that is relevant for your log, threat and compliance initiatives, it is simply not feasible for your IT team to sift through all of this information to spot and solve problems. This is where QRadar comes in. As a combined security intelligence platform, QRadar gathers information from a range of sources within the business network, sifting through the noise and prioritising millions of event records into a handful of actionable items. In this way QRadar can sense threats and anomalies that are extremely difficult for IT teams to spot. Make sense of the noise
Following this, actionable items, known as ‘offenses,’ are presented to your IT team on predefined dashboards. Each offense contains all relevant information about attackers (including correlations about user identity) and their targets, and provides all relevant network and security information necessary for further forensics. This allows you to effectively plan your defense strategy.
QRadar presents actionable items, known as ’offenses,’ to your IT team on predefined dashboards.
All information collected by QRadar can also be produced as a report. There are a range of report templates available out of the box, and with the report wizard it’s possible to create new templates and edit existing ones.
All information collected by QRadar can be produced as a report on a custom template.
To ensure that your system is up and running as quickly as possible Ward provides a number of profile settings out of the box, which are continuously updated by our shared knowledge of the millions of incoming logs and events monitored by QRadar. This enables:
Detection of threats in the network that are not being or can’t be seen by security devices and other log sources
Network self-discovery capabilities that build and maintain an accurate history of all assets on the network, their communication patterns, their server type, their vulnerability history and their corporate value
Network enabled processing of incoming information to understand and prioritize an event’s severity (priority of the event contrasted to the vulnerability of the target) and relevance (priority of the event contrasted to the business value of the target)
Identification of the correct resolution point within the monitored network: a firewall, router or switch, or event NAC gateway
Forensic traffic that shows network and application communication at the time that events or logs were fired from any source
A scalable solution – from corporations to SMEs
The architecture and out-of-box features of QRadar mean that it is capable of scaling from the largest corporations to SMEs, whose logging, monitoring and analysis needs can be met with a single appliance.
The advanced level of business intelligence provided by the QRadar platform will ensure that your business has the edge in the fight against cybercrime. Thanks for reading! Our next blog will take a closer look at our managed SIEM service offering, which is delivered from Ward Solutions’ Dublin-based Security Operations Centre. Contact Ward Solutions today for a chance to win security services worth €3,000 For more information on how QRadar can help your business to effectively tackle cybercrime contact Ward Solutions today. Visit www.ward.ie or call +353 1 6420100. A number of lucky businesses will receive a free proof of concept trial worth €3,000. And if you’d like to receive these blogs first make sure to sign up to our newsletter today.
