sb-nz logo
Story image

Transformative SIEM solution to tackle security professional shortage

25 May 2018

The world has a shortage of cybersecurity professionals. In fact, new security vendor Jask believes the US alone has a shortage of 300,000 cybersecurity professionals, with the number being 3.5 million globally.

The worry is that the short-staffed security operations centres are drowning in thousands of alerts and warnings across their organisation's networks. Yet an attacker only needs to succeed in one attack amongst these missed warnings to achieve their purpose.

So far the solution has been for organisations to try and hire as many security analysts as possible. Then sit them in front of security information & event management (SIEM) solutions from vendors like LogRythm, Splunk and ArcSight.

These SIEM solutions do a fantastic job of capturing logs and information from around an organisations network. Although the shortage of skilled professionals available to hire and the huge number of notifications, warnings and alerts being generated in each organisation is leaving areas unmonitored.

Jask is a two-year-old startup who is determined to resolve this issue. They’re applying artificial intelligence (AI) and machine learning to the problem.

The software ingests huge amounts of information from existing SIEM tools, sorts through it using it’s proprietary AI. This could see thousands of warnings turned into a handful of noteworthy recommendations.

Cleverly the AI connects different events that may have occurred in different parts of the organisation's infrastructure and can associate them. Which in turn can show a timeline of unusual activity that individually don’t look suspicious but combined are serious issues.

By highlighting the most serious issues and connecting the dots, a security analyst can focus on high-value investigations rather than manual sorting.

“JASK’s goal is to re-imagine Security Operations, by hiring the best computer scientists, math experts and machine learning gurus to develop the technology that will enable our best SOC analysts around the globe to work together training machines to automate discovering, responding and even learning about tomorrows cyber threats so we can free our SOC analysts to do the work that really matters most: protect our organizations information!” says Greg Martin, Jask CEO and co-founder.

Jask see’s themselves as modernising SOC operations, yet in many ways, they can really make a dent in the skills shortage around the world. One could only imagine how it’s AI and machine learning platform could perform more and more functions within the SOC in future years.

“We have finally reached the perfect storm of technology, policy and opportunity to completely re-factor Security Operations with the major advances in open source big data and AI software and general adoption of cloud-native services throughout the enterprise,” says Martin.

Just last week the company announced a new ‘Special Ops” professional service. Essentially they have hired from competitors a bunch of highly trained security professionals that are available to augment the clients existing cybersecurity staff. Then using their Jask tools provide the latest tactics, techniques and procedures to defend critical assets from advanced cyber attacks.

“I am thrilled with the incredible level of talent we have brought on board, and as far as threat hunting is concerned, the Jask Special Ops team is the most impressive group I’ve come across in my career. In combination with the context and visibility provided by our platform, the team is already delivering tremendous value by engaging with our customers to mitigate and more importantly prevent risk” says Martin.

They now have a commercial product available, with 25 significant customers already in the financial services, telecommunications, healthcare and government industries.

They have received investments from well-known venture capitalists including Battery Ventures, Dell Technology Ventures, TenEleven and Vertical Venture Partners

Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More
Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More
Story image
Users becoming more savvy with COVID phishing scams
“With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cyber criminals are having less success with related phishing attacks."More
Story image
Financial malware activity dropped in 2020 as creators honed their wares
Cybercriminals used the time to plan more malicious propagation techniques, both new and evolved from previous methods.More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
Story image
rhipe acquires emt Distribution, with aim to expand into enterprise market
The acquisition will enable rhipe to deliver a comprehensive portfolio of end-to-end security capabilities to its partners, the company says.More