sb-nz logo
Story image

Verizon unveils new tech to transform security decision making

28 Mar 2018

Verizon has released a new technology built upon the collaboration of a number of its partners.

The company hopes to equip businesses and government organisations to make data-driven security decisions and focus their security spend where it will have the most impact thanks to its Verizon Risk Report (VRR).

The VRR combines Verizon’s Data Breach Investigations Report (DBIR) series’ extensive cybercriminal activity database, the company’s professional service consultants’ expertise and specialised data sources from technology providers including BitSight, Cylance, Recorded Future, and Tanium.

The end result is an automated security risk scoring framework that identifies current security gaps, weakness and associated risks on a daily basis – effectively making security decision making that much easier.

Verizon executive director of security services for global products and solutions Alex Schlager says security strategies have historically been focused on static defences but today’s fast and ever-evolving security landscape demands them to be proactive and adaptable in order to be truly effective.

“Businesses can no longer wait for cyberthreats to occur, or rely on historical security strategies created to deal with yesterday’s threat landscape," says Schlager.

“The VRR uses threat intelligence sourced daily from multiple data security sources, to allow customers to make data-driven security decisions based on today’s threats, and adaptively, and efficiently, address gaps in their security posture. With VRR, Verizon is changing not only how security solutions are used, but more importantly, how customers can develop their security strategies.”

IDC program vice president Christina Richmond says in the past businesses have made security purchasing decisions based on previous expenditure or market trends, often resulting in budget being spent without direction and largely wasted.

“Senior executives still struggle to have complete visibility of their company’s security position, and the current threat environment, in order to make truly effective security decisions,” says Richmond.

“The cybercrime threat today is very real, and organisations need to be able to adjust and prioritise spending on security solutions in a more dynamic and effective manner.The Verizon Risk Report enables businesses to obtain cyber threat intelligence, and transform how they use security services to more effectively mitigate against threats.”

So how does it actually work? There are there service modules that integrate the specialised threat data sources via a consolidated customer security portal:

  • Level 1 – the ‘outside-in view’: This initial view uses BitSight’s security rating service, combined with deep web and dark web information from Recorded Future, for external assessments. This data is enhanced and contextualised with insights from the Verizon Data Breach Investigation Report (DBIR).  
  • Level 2 – the ‘inside-out view’: The external risk score obtained in level 1 can be enriched with an internal analysis of the business’ in-house systems, using Cylance and Tanium software agents. These are deployed on critical customer endpoints to provide an external and internal risk profile. The threat intelligence provided at this level is specific to the customer’s individual industry.
  • Level 3 – the ‘culture and process view’: Finally, information obtained by levels 1 and 2 can then be combined with qualitative assessments of an enterprise’s security policies, processes and organizational behavior. This step concludes and completes the crucial 360-degree assessment of customer’s cybersecurity posture.  

Verizon then provides specific recommendations based on the outcome of the VRR’s results.

The VRR service is currently in beta trials, but should soon be live and available around the world.

Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
UiPath and eSentire bring hyperautomation to Microsoft Security
UiPath and eSentire have announced a strategic partnership to deliver end-to-end security policy automation across multiple Microsoft Security services.More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
NZX, Metservice attacks show Kiwi companies must rethink cyber security
The attacks are a wake-up call for New Zealand businesses to step up their threat protection and contingency planning systems.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
Entrust launches cloud-based ID issuance solution
The Sigma instant ID solution uses encryption, trusted HSM technology and secure boot to issue highly secure physical and mobile identities.More