F-Secure: data breach detection requires human & machine brains

Security focused software application developers like to drop this favourite one-liner to remind us just how insecure we all are…

“There are only two types of companies: those that have been hacked… and those that will be.”

The comment itself is attributed to Robert Mueller, FBI director, back in 2012.

F-Secure has something of a new spin on that comment and says that if companies aren’t seeing security incidents during their normal course of systems operation then, they are probably missing something.

The ‘data breach-aware’ IT stack

Essentially, the firm is saying: program your IT stack systems structure around the reality that security incidents always exist on a day-to-day basis.

The firm has launched a new intrusion detection and incident response service to uncover threats inside networks.

The managed service is a combination of both human and machine intelligence – and it comes with a promise to notify companies within just 30 minutes of a breach detection.

“The average data breach can take weeks, months or even years to detect. Organisations are failing at early breach detection, with more than 92 per cent of breaches undetected by the breached organisation. Many companies rely solely on a defensive perimeter to protect them, which is crucial but only one part of a holistic cyber security strategy,” said the company, in a press statement.

VP of advanced threat protection at F-Secure Pekka Usva explains that this new service consists of three major components:

  • Endpoint and Network Decoy sensors that collect data about events and activities;
  • F-Secure’s threat intelligence and behavioural analytics, which analyses the data to identify anomalies; and…
  • A Rapid Detection Center, which is staffed 24/7 by a team of cyber security experts

The human component is an important factor according to Erka Koivunen, cyber security advisor at F-Secure.

“Attackers are human, so to detect them you can’t rely on machines alone. Our experts know how attackers think, the very tactics they use to hide their presence from standard means of detection. The human factor also eliminates false positives, which are an extreme waste of resources,” said Koivunen.

Birds-eye view

F-Secure: join up the dots if you want to keep out the nasties

Once a breach has been detected, Rapid Detection Service also provides actionable intelligence for the response phase. The customer’s security team will learn exactly how the breach happened, how to isolate it and get advice on remediation.

With quick detection, an accurate diagnosis and expert advice on remediation, companies can in theory limit damage.