https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

From the Industry


Sponsor Content

Playing chess

Intelligence to Stay Ahead

  • October 20, 2017
How can an organization possibly keep up when inundated with new malware? How can an organization stop threats when new tools make it easier than ever before to engage in cybercrime? It’s all about the intelligence.

The threat landscape continues to increase in sophistication. With a simple tweak, attackers can create a new malware variant to use to infect thousands of machines. It’s also easier now than ever to launch an attack. There are more tools available, from droppers to exploit kits to cybercrime-as-a-service, creating an environment where anyone can purchase malware and engage in cybercrime. Technical sophistication is no longer a requirement.

With the constant influx of new malware and low barriers to engaging in cybercrime, getting ahead of attacks may sound like an impossible task. How can an organization possibly keep up when inundated with new malware? How can an organization stop threats when new tools make it easier than ever before to engage in cybercrime?

It’s all about the intelligence.

A lot of security tools leverage commoditized threat intelligence. However, by deploying security tools that leverage evolving intelligence, organizations are able to stay ahead of attacks. How is this possible with new malware variants popping up all the time? As mentioned earlier, attackers make a simple tweak to create a new, effective piece of malware. However, they reuse a lot of their infrastructure in attacks. The fingerprints they leave behind help security researchers uncover what they are going to do next. Security research teams that actively leverage a rich combination of historical and real-time intelligence are able to see more, predict earlier, and protect effectively.

For example, an email might come through with a malicious attachment. The email is completely new, as is the malware in the malicious attachment. However, the domain that the malicious attachment redirects to might have been purchased using the same email address from a previous attack. The attacker might also leverage existing web servers. All of this information leaves fingerprints that can be used by security researchers to predict the next attack, helping organizations stay ahead of emerging threats. By identifying these patterns, building them into statistical models, and enforcing through a security product, users are protected from emerging threats.

Here at Cisco Umbrella, we have been using assisted and machine learning for five years in order to stay ahead of attackers. When considering the critical components of a truly predictive security service, there are three key pillars: data, security researchers, and statistical and machine learning models. When thinking about data, not all data is created equal. We have a large and diverse volume of threat data that our security researchers analyze. They then apply advanced techniques such as data mining and 3D visualization to identify patterns.

The security researchers are constantly finding new ways to uncover fingerprints that attackers leave behind. They build statistical and machine learning models that provide better threat detection and classification for Cisco Umbrella for MSPs.

Part of the benefit of having extensive intelligence is the ability to create policy that adheres to security risk profiles. With deeper intelligence, more information can be classified in a discrete way. For example, Cisco Umbrella has different security categories that clients can block or monitor depending on their risk appetite. Newly Seen Domains is a security category that identifies domains that have been queried for the first time within the previous few days. When a domain is first seen being queried by any user of Cisco Umbrella, we notice that; shortly thereafter, the domain is tagged as “newly seen” for all other users going to it for the next few days. This functionality helps expose domains that are part of newly emerging threats.

Having extensive intelligence and using garnered insights to enforce and protect is the key to staying ahead of attackers. It is important to look at the type of intelligence in terms of diversity, volume, and uniqueness, as well as how it is analyzed and applied.

Headed to Navigate 2017? Visit us at booth #18 on Oct. 2-5 to learn what you need to know in order to stay ahead of attacks.

Guest blogs such as this one are published monthly and are part of MSPmentor’s annual platinum sponsorship.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs From the Industry Strategy Cisco Sponsor Content

Related


  • SASE
    How the SASE Model Helps Secure Remote Workers, Branch Offices
    The benefits of SASE can be distilled into three major categories: simplicity, security and scalability.
  • Cisco Umbrella SASE
    SASE: Securing Access and the Network Edge
    How Cisco’s approach to SASE optimizes performance and increases security.
  • Secure Web Gateway Remote Worker
    How Secure Web Gateways Fared in AV-TEST Benchmark
    Amid pandemic, secure web gateways are more critical than ever for securing remote workers.
  • endpoint protection
    Enabling Off-Network Endpoint Protection: A Critical Part of Your Remote Worker Cybersecurity Strategy
    Here’s how to provide endpoint protection to roaming users on all devices.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • The Essential Guide to Securing Remote Access
  • Duo Managed Service Provider Program
  • Duo Security’s Two-Factor Authentication Evaluation Guide
  • Cisco Umbrella Receives Gartner Peer Insights Recognition

Galleries

View all

Channel Partners Virtual 2021 Is the Hottest Ticket in Town

February 26, 2021

Industry Perspectives

View all

The “Roaring 20s” Are Coming

February 25, 2021

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

SASE: The Key to Mitigating Business Transformation Risk

February 22, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 17, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Ready To Add Cutting Edge IoT Solutions To Your Portfolio?

  • 1
February 25, 2021

What Is The Value Of Distribution For The Internet Of Things?

February 25, 2021

The Internet of Things (IoT): Where do You Begin?

  • 1
February 25, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Amazon WorkSpaces @awscloud DaaS client will be available on @IGEL_Technology virtual endpoint client OS.… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

.@VMware cutting more workers in California as part of ongoing #workforcerebalancing. #layoffs… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

#CPVirtual is March 2-4. It’s the hottest ticket in town — any town, since it’s 100% online — so make sure you have… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

.@datto, @ThreatLocker partner to streamline #MSP secure business operations. dlvr.it/RtYvJK https://t.co/nKGnwbblNO

February 26, 2021
ChannelFutures

Infographic: Why Partner with Sierra Wireless and GetWireless? dlvr.it/RtYh1m https://t.co/KcBFzXIx7l

February 26, 2021
ChannelFutures

Infographic: The Sierra Wireless Essential Series dlvr.it/RtYgxv https://t.co/CatxbRHzXr

February 26, 2021
ChannelFutures

#Threatprotection is no small matter for #MSSPs. Find out what vendors say you have to do this year to protect your… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

Cloud strategies and cybersecurity are key, and #COVID19 will have more impact than #Brexit on U.K. channel, says… twitter.com/i/web/status/1…

February 26, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X