by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2014
GCN MAY 2014 • GCN.COM 23 sionals assume today that a breach is in- evitable in any targeted enterprise, and this means that incident response also should be automated. That is the niche of Invotas, a service and software offering from CSG International. "We didn't want to be another analytic platform," said Paul Nguyen, president of CSG Invotas global security solutions. The focus instead is orchestrating breach response at machine speed. Debuted at the RSA security conference in February, Invotas is based on 10-year- old software that already was being used in telco networks to communicate with thousands of devices and activate and de- activate services based on business rules. "We leveraged that same concept around predefined rules" for responding to a breach or cyberattack, Nguyen said. "We sit on top of other solutions" and direct the response. Firewalls, intrusion prevention systems and other tools are connected through the Invotas platform and can be ordered to redirect or block traffic, reconfigure settings or take other predefined actions at machine speed. Most organizations al- ready have policies for incident response in place that can be automated through Invotas policies, Nguyen said. Work on Invotas began about two years ago and it was piloted in several federal agencies. Government is a core market for the product, and Nguyen said the compa- ny hopes to be included in the next round of Homeland Security's CDM program of- ferings. SOCIAL THREATS DEFENSE Social engineering is another threat that can penetrate the best perimeter de- fenses. It is an old family of attack tech- niques predating the Internet, but it can leverage social networking sites today to create a new generation of threats. Social networking sites have become trusted platforms for communication, and a com- promised account can become a powerful social engineering tool for spearphishing and damaging the reputation of individu- als and organizations. MTN Government, a satellite commu- nications company, has begun offering a cloud-based service to its government customers to detect and block malicious social networking activity such as fraudu- lent posts or faked communications for phishing. The online personas of at-risk individuals are monitored for suspicious activity, which can be blocked or removed from the sites. "The reason government is so interest- ed in this is that social media are so perva- sive; people accept it," said Peg Grayson, president of MTN Government. Powered by the ZeroFOX platform, the service runs in a secure network op- erations center. Behavioral signatures are created for customers and used to verify the monitored activities on social media. When activities are spotted that do not conform to the signatures, the customer is alerted. "It doesn't require that an in- dividual provide personal information," Grayson said. As with other analytic approaches to security, this protection does not take the place of other tools. "Traditional security products are one piece of a total risk-man- agement profile," Grayson said. Full secu- rity requires a suite of protection, both at the enterprise perimeter and on either side of it. • 1. Tool: ControlFabric Company: ForeScout What it does: Lets company's endpoint control tool interact with other IT security products on the network. Enables continuous monitoring through products already in place. 2. Tool: CylancePROTECT Company: Cylance What it does: An agent running on the endpoint that uses proprietary algorithms to model software being examined. Machine learning lets it respond quickly to allow or block execution based on the user's policy. 3. Tool: Invotas Company: CSG International What it does: Orchestrates automated incident response based on the principle that breaches are inevitable. The tool connects rewalls, intrusion prevention systems and other tools, which can be ordered to redirect or block traf c, recon gure settings or take other prede ned actions at machine speed. 4. Tool: Cloud-based service powered by ZeroFox Company: MTN Government What it does: Detects and blocks malicious social networking activity such as fraudulent posts or faked communications for phishing. The online personas of at-risk individuals are monitored for suspicious activity, which can be blocked or removed from the sites. Next-generation tools at a glance