January Newsletter 2019
Quote of the Month
“We love paying exorbitant fees for our SIEM!”
– Said no one, ever.
Welcome to 2019! Have you made a New Year’s resolution? We think if there’s one resolution you should make and stick to in 2019, it’s to stop paying so much for your SIEM.
Show SIEM the Money
We talk to a lot of customers, prospects and industry analysts. A clear theme that comes out of our conversations is that SIEM costs are out of control. SIEM implementations are so expensive and difficult to swap out. The costs soar the more events per second (EPS) are fed to the SIEM. With “next-gen” SIEMs, you often pay additional fees for a data lake or proprietary data stores. You know the costs up front, but you’re still paying to store and process SIEM data. Customers are not happy about having to show SIEM the money.
Here’s the deal: the value is not in storing large volumes of data. The value is in insights derived from that data.
It’s painful to sift through SIEM logs and alerts to make sense of the data; you get a lot of false positive alerts. And you cannot prioritize which alerts to investigate. It’s too much data and too much noise.
Take Security Beyond SIEM
Here’s where Gurucul adds value: we take security beyond SIEM. We start with SIEM data (or, we can ingest the raw logs directly), then we add into the mix all the security logs and application data feeds from across your environment. Our Security Analytics platform consumes as much data as you can throw at it – the more the better. This means you get a 360-degree view of user and entity behavior so you can be proactive in detecting and preventing threats – without having to pay exorbitant fees.
Our Security Analytics platform reduces the number of alerts to a manageable level and provides risk-prioritized intelligence so you can focus on the riskiest threats and only those threats. Gurucul Risk Analytics uses machine learning models (not rules) that learn how to predict malicious behavior. This is how our Security Analytics platform can detect threats missed by traditional SIEMs.
Get Open Choice of Big Data
Security analytics requires a big data platform. You need a data lake to store and perform analytics on all these data feeds in real-time. You don’t, however, have to pay to store this data. This is another critical difference between a SIEM and Gurucul Risk Analytics. We give you a data lake for free. We want you to ingest as much data as possible. That’s how we are able to detect and predict threats in real-time. We need to look at data across all the siloed applications and devices to paint a full picture of what is going on in your environment.
Further, if you already have a data lake, we can put our Security Analytics right on top of your data lake. We don’t require you to have a specific version of a data lake. We offer open choice of big data. Stop paying exorbitant SIEM data fees. Start getting insights on your data with our Behavior Based Security Analytics and Intelligence platform.
Watch Now! Super Bowl LII: Protecting Players’ and VIP Data
William Scandrett, CISO, Allina Health
The Super Bowl is a major event where security and privacy risks are tremendously magnified. Super Bowl LII was held in Minneapolis, MN – the home of Allina Health. Allina needed to monitor healthcare providers’ activities to detect unauthorized or rogue access to patients’ data, and to prevent PHI data exfiltration.
Watch this recorded webinar to learn how Allina Health quickly implemented Gurucul UEBA for Super Bowl LII to drive and monitor privacy for players and VIPs.
Whitepaper: Behavior Analytics and Big Data for Cross-Channel Fraud Detection
Fraud has reached the highest levels on record, affecting more organizations than ever. But now, innovative new fraud analytics technologies are helping businesses to quickly identify high risk transactions and behaviors so they can act to mitigate or prevent the losses from fraud and other financial crimes.
Read this whitepaper to understand how Fraud Analytics provides a holistic risk-based approach for cross-channel fraud detection. The solution aggregates and links more data coming from many different systems. It is this cross-channel capability that shines a brighter light on not just transactions but also subtle behavioral activities and peer group analysis that would otherwise go undetected.
Why Fraud Detection Needs A Reboot
Saryu Nayyar, CEO and Founder, Gurucul
Fraud occurs every day across a variety of industries, causing trillions of dollars in losses each year. While financial services and banking are among the hardest-hit industries, other frequent targets include retail, health care, information technology, government/public administration and utilities.
The pervasiveness of the problem was revealed in a recent survey by PwC. Forty-nine percent of the businesses contacted by PwC for its 2018 Global Economic Crime and Fraud Survey reported they had experienced fraud and economic crime over a two-year period.
Fraud Analytics Can Help Prevent Fraud that Uses the Rails of SWIFT
Nilesh Dherange, Chief Technology Officer, Gurucul
The banking world has been rocked in recent years by revelations of several major fraud events, each of which netted perpetrators from $2 million to more than a billion dollars. In every case, the bad actors used the rails of the SWIFT payment transfer system. SWIFT, which stands for Society for Worldwide Interbank Financial Telecommunications, is used by more than 11,000 banks worldwide to facilitate cross-border financial transactions.
The SWIFT system itself wasn’t breached; it was merely the instrument that carried out the bankers’ instructions. In the case of one national bank, malicious insiders orchestrated the fraud scheme that unfolded over the span of seven years.
Embracing Risk Management Elevates Security Pros to Business Leaders. Why Do They Still Find it so Difficult?
Leslie K. Lambert, Chief Security and Strategy Officer, Gurucul
A few weeks ago, I spoke at the 2018 SecTor Conference. The ensuing Q&A on the concept of risk soon evolved into a discussion on whether “risk” has become a four-letter word. The kind we’re taught to avoid using in polite company.
Many information security professionals are now embracing the word and concept of risk to elevate their responsibilities, budget requests for business and even board level consideration. The transition from an “it’s all about security and protecting the crown jewels” to “we need to mitigate risk and embrace risk management” is a crucial next step for the information security profession. Despite the reality, some of us struggle with the word “risk”.
What’s New On Our Blog
RSA Conference. March 4-8, 2019. San Francisco, CA. It’s better with Gurucul! We take security beyond SIEM to deliver predictive security analytics. Visit our booth, attend a presentation, see a demo of our products.