by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : January and February 2017
malware gets in, it doesn’t always detonate right away, CIO Rich Male- wicz said. “This allows us to go back in time and look at how it got in,” he said. “That’s the real value for me.” The system has enabled the cyber- security team to be more efficient. Typically a county network like Liv- ingston’s, with about 1,000 end users and 4,500 endpoints, would require a staff of about 10 to 20 people to moni- tor and follow up on anomalies, but Livingston has just one person doing that. As recently as last year, the county used mostly informal follow-up tech- niques such as interviews with users to find out about their network ac- tivity when a cybersecurity problem was spotted. Unsurprisingly, officials found the strategy less than satisfying. “We tended to rely on our firewalls and our signature bases and our sig- nature list systems, but you don’t get the root cause with that, and that’s where that gap was,” Malewicz said. “It’s great that we stopped some- thing, but how did it happen in the first place? We had no mechanism for that,” he added. “We have plenty of tools already — at the perimeter and, of course, defense-in-depth — that provide us rules-based, signature-based detection of bad things,” Curylo said. “But what we don’t know are the things that we don’t know, and those are typically the things that blossom into big problems for organizations.” But since deploying Darktrace’s so- lution last April, “it’s like a whole new security team here right now,” Male- wicz said. “It’s making us more proac- tive instead of reactive.” In the future, the county might add Darktrace’s Antigena product to its security suite. It acts as a “digital an- tibody” by fighting back against cyber- threats without affecting a network’s functions. Meanwhile, Curylo said officials will expand the use of behavioral ana- lytics as operational needs evolve. The county currently uses only one Dark- trace sensor, but it might add more. “This is both a strategic and a tacti- cal tool,” he said. “This allows us to understand our environment to such a degree that when we see a business proposal to do something new and dif- ferent — say, cloud storage — we’re able to talk more about the types of behaviors we already see on the net- work rather than take the fearful posi- tion of ‘Gee, if we take that, then we could have other kinds of problems that we don’t even know about.’” • GCN JANUARY/FEBRUARY 2017 • GCN.COM 29 Darktrace’s threat detection system analyzes raw network traffic over time to build a profile of an environment where anomalies are clustered, prioritized and visualized. 0217gcn_028-029.indd 29 1/31/17 1:52 PM
October and November 2016