Cor­re­lat­ing threat in­tel of­fers a real leg up on data se­cu­rity


Credit Union Journal - - Special Report - BY W.B. KING

WHEN AP­PROACH­ING SE­CU­RITY ANA-lyt­ics and in­ci­dent re­sponse, Pub­lic Ser­vice Credit Union faced var­i­ous chal­lenges with re­sources, such as log re­ten­tion, data stor­age, ad­min­is­tra­tion and man hours.

“We needed a so­lu­tion that made sense for our en­vi­ron­ment, sat­is­fied our re­quire­ments, ad­dressed our chal­lenges, but also en­hanced our ca­pa­bil­i­ties,” said PSCU Vice Pres­i­dent of In­for­ma­tion Tech­nol­ogy Car­los Vazquez. The $1.8 bil­lion Lone Tree, Colo.-based PSCU turned to DefenseStorm, a cloud-based cy­ber­se­cu­rity so­lu­tions firm in Seat­tle. In ad­di­tion to proac­tive mon­i­tor­ing, Vazquez ex­plained that DefenseStorm pro­vides ac­cess to real-time threat in­tel­li­gence, which al­lows PSCU to con­duct timely foren­sic anal­y­sis.

“By tak­ing ad­van­tage of 24/7 event mon­i­tor­ing, cor­re­lat­ing with other threat in­tel­li­gence sources, while hav­ing the abil­ity to cre­ate alerts from any sys­tem, we have been able to uti­lize the so­lu­tion far be­yond our ini­tial use case,” said Vazquez.

PSCU took a “phased roll-out ap­proach” that in­volved a dis­cov­ery process of “iden­ti­fy­ing all of our sys­tems from which we would like to see events,” said Vazquez, ini­tially fo­cus­ing on crit­i­cal sys­tems and net­work in­fra­struc­ture.

“We then re­al­ized the so­lu­tion was highly scal­able and de­cided to in­clude any end­point that is con­nected to the net­work and was sup­ported. One of the im­me­di­ate ben­e­fits was es­tab­lish­ing a base­line for our traf­fic,” he con­tin­ued. “With a base­line, we could then iden­tify an anom­aly that may re­sult in a se­cu­rity in­ci­dent.”

Prior to im­ple­men­ta­tion, Vazquez said that would have been dif­fi­cult due to the sheer amount of data at stake.

Ad­di­tion­ally, DefenseStorm set up alerts con­cen­trated on anom­alies and helped the credit union iden­tify ones that are used in best prac­tices or those unique to PSCU — and how to pri­or­i­tize them based on sever­ity.

PSCU’S Vice Pres­i­dent of In­for­ma­tion Tech­nol­ogy Car­los Vazquez.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.