“We have got to get faster” at fighting hacks

“We have got to get faster” at fighting hacks

By:
Hitesh Sheth
January 5, 2017

Sen. John McCain, chairman of the Senate Armed Services Committee, held a hearing today with top intelligence officials on Russian cyber-attacks, after many remarks by President-elect Donald Trump called into question conclusions by U.S. intelligence community that Kremlin-backed hackers meddled in the 2016 election.

While hearings focused on Russia and the Democratic National Committee hacks, testimony from Adm. Michael Rogers – director of the National Security Agency, commander of the U.S. Cyber Command and Chief of the Central Security Service – didn’t focus on who did it.

Instead, Rogers spoke about the need for faster tactical capabilities around cyber attacker detection and response, and how fake news is not a one-time threat but an ongoing campaign mounted for many nefarious reasons.

“The biggest frustration to me is speed, speed, speed,” Rogers said during his public testimony. “I'm constantly asking the team what can we do to be faster and more agile?”

This is not just about election hacking.

The point is we need to focus on faster and more efficient attacker detection and response capabilities, as the attacks are happening, for better awareness and response – and not after the fact. Rogers went on to say this requires a combination of advanced technology and resources, in particular highly skilled people.

There appears to be no problem attracting and retaining talent on the enlisted side of national intelligence. But it’s been challenging to retain top cybersecurity talent on the civilian side of national intelligence. The private sector is now dealing with the same problems that have surfaced at the national level.

It is estimated that today there are over 1 million infosec positions unfilledgrowing to over 1.5 million by 2019 – and more than 200,000 of those vacancies are in the United States. This global shortage of expertise and experience lies at the very heart of the infosec world’s ability to respond to cyber-attacks – affecting vendors and consumers alike.

Solving this cybersecurity skills shortage, while simultaneously allowing the private sector to get faster at fighting hacks, is a key driver at Vectra, where we apply artificial intelligence to automate the hunt for attackers in real timeand speed up the response to threats.

A new threat detection model that closes the cybersecurity gap

The requirements for an advanced threat detection model include identifying active cyber attacks based on what has been learned from the past as well as local context. This new model then connects events over time to reveal the progression and actions of threats inside of networks. Download the free e-book to learn more.