Performing a security risk assessment has become an economic and functional necessity in the digital economy. Cyber-threats and many of the legal and operational aspects of data-handling now constitute as much of a challenge to enterprise success as effective marketing, and continuous service delivery.

In part 5, we looked at auditing your network device logs. A decade ago, security professionals were primarily concerned about network perimeter and endpoint security. While those concerns are still valid, technological advancements have created new scenarios that need to be addressed.

Recent news has broken about a group of hackers which appears to be operating out of Russia. The group, dubbed “Silence,” is believed to be involved in the theft of over $800,000 from multiple Russian and Eastern European financial institutions. However, what is particularly notable about this group is they seem to count at least one former cyber security professional among their number.

2017 was supposed to be the year of the Internet of Things (IoT)—the year that this highly-touted technology matured and started producing tangible results for organizations. However, the last 12 months have left advocates of IoT frustrated. A report from Cisco claims that close to 75 percent of all IoT projects fail, and IoT as a buzzword has been replaced by the likes of artificial intelligence and blockchain. This disheartening news paints a grim picture for IoT.

Few things put more fear into the hearts of IT departments than the thought of a massive cyber attack — and for good reason. In 2017, the average cost of security breaches for U.S. organizations was estimated at $3.5 million. But it’s not all about the money. In addition to the financial burden caused by cyber attacks, the loss of client trust and credibility post-breach can be extremely difficult to bounce back from.

Anyone trying to access resources in your network needs to interact with your network devices: firewalls, routers, switches, and IDS/IPSs. Each of these devices generate syslogs that contain important security information and must be audited to gain complete visibility into the activities occurring in your network. Most SIEM solutions, including our own Log360, can collect and analyze syslogs in real time and instantly alert security teams if any security event of interest occurs.