
Early detection and rapid response critical for targeted attack remediation

 

JOHANNESBURG – 23 February 2018 – In combatting a targeted attack on your network, early detection and rapid response are both critical. Cybersecurity experts accept the strong possibility that criminals will be able to enter their network at some point. In this context, the issue becomes less about keeping them out and more about detecting them and taking remedial action as soon as their presence is discovered. This is according to a recent report from global cybersecurity company RSA.

Anton Jacobsz, managing director at value-added distributor, Networks Unlimited, which distributes RSA products and solutions in Africa, comments, “The report from RSA Incident Response Services notes that, once detected, rapid response is needed to mitigate the potential damage and prevent them from achieving their objectives. RSA’s Advanced Cyber Defense (ACD) services for Incident Response enable organisations to prepare for security incidents without having to accept the inevitability of loss.”

The report outlines the comprehensive forensic analysis framework in the RSA approach to threat response and mitigation, noting that the response process ‘…takes into consideration data from multiple sources including in-house systems, open source research, “RSA Live” threat intelligence and the customer’s threat intelligence sources.’

The approach taken includes network analysis, using host forensics, harvesting threat intelligence and malware analysis, as follows:

  • Network analysis: Data from packets and logs collected by RSA NetWitness is used to identify suspicious or risky communications.
  • Host forensics: Executables, files and libraries are used to identify unauthorised services and processes deployed by the attacker and running on endpoints.
  • Threat intelligence: Research is conducted to gain insights about the attack infrastructure, tools and techniques, which is particularly helpful in gaining insight about threat actors that are persistently targeting the organisation.
  • Malware analysis: Malware tends to be relatively small in terms of file size, which helps the attackers to avoid detection. Malware analysis allows an incident response team to develop blocking techniques and make the organisation more resilient.

Jacobsz concludes, “Attackers do leave clues to their presence, and analytic intelligence, as offered by RSA, is key in being able to offer early detection and rapid response. Ongoing analysis and threat intelligence further allow an organisation to bolster its defences into the future.”

The full report is available for download at: https://www.rsa.com/content/dam/pdfs/3-2017/h14386-ir-ds.pdf

For more information, please contact Alec Aronson, RSA product manager at Networks Unlimited: alec.aronson@nu.co.za.

About RSA
RSA offers business-driven security solutions that uniquely link business context with security incidents to help organisations manage risk and protect what matters most. RSA solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive in an uncertain, high-risk world. For more information, go to rsa.com.


About Networks Unlimited
Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Fortinet, F5, Mellanox, ProLabs, Rackmount, RSA, Rubrik, Silver Peak and Tintri. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market. Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.

Contacts
Networks Unlimited, Ingrid Mulaudzi, +27 (0) 11 202 8400, ingrid.mulaudzi@nu.co.za
icomm, Vivienne Fouché, +27 (0) 82 602 1635, vivienne@pr.co.za, www.icomm-pr.co.za






 

 
