Detect and Respond to Security Incidents

Posted by Susan Sison on May 8, 2015 9:36:39 AM

Hacking stopped being an amateur activity a long time ago. Today, hacking is done for money, by professional organizations with significant expertise and resources. Today's cybercrime is big business, and business is good.


So good, in fact, that the sheer scale of attacks is growing at an exponential rate, year over year. In fact, a recent study of malware created in 2014 found that over 317 million pieces of malware code were created in just that year alone. That means that over 860,000 new pieces of malware were created every day in 2014.

The interesting thing is, the vast majority of attacks, the malware used was actually not really anything new, but rather variations on hacks against vulnerabilities that had been around for years - in some cases, for quite a few years.

The Reality Behind Most Attacks

It should be a simple truth that routine vulnerability scans are performed, and identified issues are addressed immediately, so that most malware and hacks are ineffective. It should also be true that incidents in progress are immediately detected and responded to, just as physical security guards rush to the scene of a physical security alarm.

But in most organizations, reality paints a very different picture. For most organizations, there is simply too much data, and too many things to stay on top of, for any security organization to track on a daily basis, even things like basic patching and vulnerability management, much less incident response.

Time To Do Something About It

The data certainly suggest that it's time for a new approach to incident detection and response. And to that end, NCA has developed its Security Analytics service, which addresses many of the obstacles most companies face in implementing the security measures they need. NCA provides a service that augments and complements your security platforms and infrastructure, without placing the burden of implementation and management of that platform on your staff.

The NCA Security Analytics platform provides early detection of incidents, detailed analysis of vulnerabilities, and detailed reporting and analytics related to both.

Why Choose NCA Security Analytics

The Security Analytics service from NCA leverages infrastructure supplied by NCA, and installed into your environment by NCA engineers. Our tools, managed by the NCA NOC, collect, interpret and correlate data collected within your enterprise to provide actionable, prioritized intelligence for your staff. Just some of the aspects of the NCA Security Analytics service include:

  • Early warning and Detection - NCA Security Analytics analyze network traffic and patterns as that traffic moves through your network, detecting suspicious activity as it's happening.

  • Big Data analysis and correlation - The tools utilized by NCA sift through the volumes of data both at rest and at flight within your enterprise, to find those needles in the haystack that indicate areas where your team should focus your incident response measures.

  • Prioritized Remediation - The Security Analytics service identifies your most critical vulnerabilities and incidents, and prioritizes them against your business objectives, increasing your efficiency and support for the business.

All of this is provided on a monthly basis, sparing your budget from the impact of a large capital outlay. Likewise, NCA engineers handle the implementation and ongoing management of the tools, so that your staff isn't burdened with standing up and managing yet another IT platform. We handle all of the heavy lifting, while you focus on the intelligence, strategic activities, and stopping incidents from damaging your business.

If the Security Analytics service from NCA is something you'd like to explore further, contact us today.