Posts

Ayehu Mentioned in Prestigious Gartner Research Report for Security Operations

Ayehu Software’s Security Automation Product Mentioned in Prestigious Gartner Research Report

Palo Alto, CA. Tel Aviv, Israel October 15, 2015 – Ayehu Software Technologies Ltd., leading developer of enterprise-grade IT process automation software is pleased to announce its inclusion in a recent Gartner research report. In this publication, Ayehu has been specifically recognized for its impact in the realm of Security and Cross-Team Workflow Operations Automation.

The report, entitled Maverick Research: Is it Time to Fire Your Security Team and Hire the Machines, delves deep into the importance of automation for cyber-security incidents. This topic is becoming one of the most critical aspects of IT departments across the globe, particularly given the increase in number and complexity of cyber-breaches and attacks. The research further explores the concept of digital business potentially marking the end of human-centric security processes.

Straying from its traditional, more constrained style of research of the past, Gartner is now offering these “Maverick” reports, which are designed to offer fresh insight and deliver innovative, disruptive and breakthrough ideas to organizations interested in the future of technology. Under this new format, the report covers everything from the current state of security to how the firm believes things will unfold as automation becomes more widely adopted.

Along with other noteworthy and established IT vendors, Ayehu was mentioned as one of the sample vendors for workflow operations automation.

“In terms of IT research and advisory firm, there is perhaps no firm that is more respected than Gartner and it’s a great honor to be mentioned by them” comments Gabby Nizri, Co-Founder and CEO of Ayehu. “We’ve been working tirelessly to deliver a quality product that provides a real security incident response automation solution and we couldn’t be more thrilled to be recognized for our efforts.”

To learn more about how automation can streamline and solidify your organization’s security incident, download Ayehu’s free eBook: 5 Reasons You Should Automate Cyber Security Incident Response. The company also offers free 30 day trial.

About Gartner

Gartner, Inc. is the world’s leading information technology research and advisory company. They specialize in conducting, compiling and delivering technology-related insight to help IT professionals and business leaders make sound decisions. Gartner is headquartered in Stamford, CT and currently employs 6,600 associates, including more than 1,500 consultants, research analysts and clients in 85 countries. For more information, please visit www.gartner.com.

About Ayehu

Ayehu provides IT Process Automation solutions for IT & Security professionals to identify and resolve critical incidents, simplify complex workflows, and maintain greater control over IT infrastructure through automation. Ayehu solutions have been deployed by major enterprises worldwide, and currently support thousands of IT processes across the globe. The company has offices in New York and Tel Aviv, Israel. For more information please visit www.ayehu.com





IT Process Automation Survival Guide




5 Common Cyber Security Incident Response Mistakes You’re Probably Still Making

5 Common Cyber Security Incident Response Mistakes You’re Probably Still MakingGiven the exposed vulnerability of big-name corporations to cyber-attacks, you probably already know how important it is to keep your systems as secure as possible. What you may not be aware of, however, is that you may be committing a number of common mistakes without even realizing it – mistakes that could be placing your infrastructure at great risk. Let’s take a look at 5 such errors so you’ll know what to avoid in your cyber security incident response strategy.

1. Inadequate Patching

Would-be criminals are constantly trying to find ways to sneak in the back door, so to speak, and if you’ve not properly dealt with weaknesses within your systems and infrastructure, then you’re leaving yourself wide open to become a target. Patches are sometimes necessary, but they should always be handled properly and followed up with actual solutions to mitigate risk.

2. Weak Password Policies

Having a password policy is an essential component of a cyber security incident response plan. This policy should include certain requirements that make it impossible to use simple (i.e. easy to hack) passwords. It should also require that all users periodically change their passwords to further prevent a possible breach. To make this easier and more efficient, businesses can leverage self-service and automation.

3. Accessing the Web on Unsecure Connections

We live in an increasingly mobile society, which means any number of your employees and colleagues could be accessing the web via work devices while on the road. Unfortunately, the convenience of working from the local coffee shop also presents a higher risk of breach because these places often feature networks that aren’t adequately secured. Your cyber security incident response plan should include documentation and specific instructions for mobile work.

4. Not Covering All Your Bases

You may think your infrastructure is secure because you have a quality monitoring system in place. The problem is, just because alerts are being monitored doesn’t mean they’re actually being handled properly. A solid cyber security incident response strategy should also include automation that will properly analyze and prioritize incoming incidents and assign them to the appropriate party for attention. This closes the loop and provides a greater level of defense.

5. Thinking it Could Never Happen to You

Often times a smaller organization ends up falling prey to a cyber-attack because they failed to recognize their vulnerability. These days businesses of every size and industry are at risk, so you must be diligent and proactive about developing and implementing a strong cyber security incident response plan to preventbecoming a victim.

Is your business committing any of these common security mistakes?

Could you use a more robust cyber security incident response plan?

Download this free eBook: 5 Reasons you Should Automate Cyber Security Incident Response 





eBook: 5 Reasons You Should Automate Cyber Security Incident Response




Top 10 Cyber Security Trends for 2015

Top 10 Cyber Security Trends for 2015The topic of cyber security is a hot one these days, and poised to remain that way for the foreseeable future.

With online security threats becoming much more sophisticated, businesses of every shape, size and industry are finding themselves in a position to spend time, money and resources to keep sensitive data safe. One of the most effective ways to do so is to remain abreast of what’s happening within the cyber security sphere so you can stay ahead of the game. That said, let’s take a look at the top 10 trends expected to affect this area over the coming months.

1. Shift to More Holistic and Flexible Strategies – With the level, intensity and type of threats changing on an almost daily basis, IT professionals will need to adapt to address these changes. A robust, automated system for monitoring and managing incidents will be required.

2. Integration vs. Single Solutions – There will be no one-size-fits-all approach to handling cyber-attacks. To the contrary, various technologies and systems will need to seamlessly work together to achieve the greatest level of protection. The key will be to find solutions that offer comprehensive integration while also providing out-of-the-box, user-friendly features.

3. Surge in Regulatory and Compliance Requirements – With the increase in security threats, we will also see a rise in the regulations surrounding compliance, particularly within the Government, Retail, Banking and Commodities sectors. These regulations will differ by country and will be based on industry best practices.

4. Rise of Mobile Malware – Cyber-attacks will no longer be confined solely to traditional servers and other equipment. Malware is now being aimed at mobile devices, including smartphones and tablets. This remains a significant concern, both for consumers and for businesses, which will need to develop strategies to address this growing problem. This will be particularly high on the list of priorities for the banking and retail industries as well as those organizations who’ve adopted a BYOD policy.

5. Automated Incident Detection – Online security is a 24/7/365 job. In lieu of hiring round-the-clock staff or requiring your IT personnel to remain constantly on-call, automation will become even more widely adopted across the globe. Incidents can be immediately detected, analyzed and prioritized, and the appropriate staff can be notified accordingly for a much more efficient and effective process.

6. Automated Incident Response – Along with the automation of incoming alerts, the response process will also be an area that IT Process Automation can be more effectively leveraged. By integrating a sophisticated ITPA product with the incident management strategy and creating a closed-loop process, the impact of any successful cyber-attacks can be significantly minimized while mean time to resolution (MTTR) can be dramatically improved.

7. Focus on Protecting Embedded Platforms – Platforms such as telecom infrastructure, hand-held devices and POS terminals have been exposed as targets for cyber criminals, as evidenced in the recent attacks in the retail and oil/gas sectors. Stronger security strategies will need to be developed and implemented to account for this added risk.

8. Increased Automation of Security Governance, Risk and Compliance (GRC) – Not only will enterprises need to continue to adhere to various regulatory and compliance standards, but there will also be a pressing need to maintain a level of flexibility and sustainability in doing so. In order to effectively manage audit requirements, more and more organizations will begin to adopt automated solutions.

9. Shift from Awareness to Best Practices – The previous strategy of simply raising employee awareness of information security will no longer be sufficient. Instead, organizations must focus their efforts on employee training and implementation of “best practices” to ensure proper risk-based behavior.

10. Proactive vs. Reactive Approach – With the trend toward automation leading the way for incident management and response, there will be a natural shift toward a more proactive approach to cyber security. Whether the adopted model is internal, outsourced or a hybrid of both will vary by organization based on industry, location, cost, level of risk and a number of other unique factors, but all will need to adapt accordingly.

While each of these trends comes with its own set of circumstances, the one common thread that ties most of them together is the growing importance of IT process automation in keeping critical information safe from cyber-attacks.

Is your business protected? If not, the time is now. Download your free trial today and help your organization stay ahead of the game over the coming months and years.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response




When it Comes to IT Security, Incident Response is Key

Incident Response

When it Comes to IT Security, Incident Response is Key

As many well-known organizations learned the hard way this year, security breaches can not only impact the bottom line, but they can severely damage your reputation. If people feel they cannot trust a retailer like Target or Home Depot without risk of their financial information being compromised, they simply won’t do business with them. It’s enough to put even the most successful company on the road to ruin. The problem is, security breaches like this happen on a much smaller scale by the millions each and every year.

Organizations of every shape, size and industry are vulnerable to hackers and would-be online thieves who prey on any opportunity they can get their hands on. So, how can businesses protect themselves from such a disaster? The answer lies in quality incident response.

What many companies mistakenly do is place all their trust in detection, like malware. But, as the entire world learned following the Target debacle, this strategy isn’t always fool proof. In fact, if you’re not handling incoming incidents the right way, you could be placing your business in the same position as the others that have traveled down this dangerous and costly path.

Simply put, when it comes to maintaining the integrity of your sensitive data, prevention is always the best approach. Of course, there is no way to achieve 100% protection. You can come close, however, by designing a complementary incident management strategy that marries prevention with sound IT security practices. This ensures that in those instances when attacks manage to slip through the security measures that are in place, the incident response process will serve as a second line of defense.

Tips for Setting Up Your Own Incident Response Team
  • Choose the right personnel. This can include employees from within the organization who are at different levels and possess various skillsets. Generally speaking, most incident response teams are made up of workers with the following credentials:

o   System Administrators
o   Network Administrators
o   IT Managers
o   Software Developers
o   Auditors
o   Security Architects
o   Disaster Recovery Specialists
o   Chief Technology Officers (CTOs)
Maintain accurate logs of applications, networks and operating systems. These should be checked daily by network administrators to ensure that all software is logging properly. Use of log analysis programs is also recommended

  • Logs should be automatically backed up and stored not only locally, but also externally. This is essential to proper recording and analysis
  • Ensure that all incidents are documented, both for auditing and compliance purposes as well as for future enhancements to IT best practices
  • Use quality software products that can improve the process and visibility of incident ownership
  • Incorporate  IT automation into the alert management process to improve prioritization, delivery and escalation of critical incidents
  • Establish a balance between reactive services (incident management and documentation) and proactive services (security audits, intrusion detection system maintenance, security strategy development, pre-incident analysis)
  • Set and implement schedules for all proactive service activities
  • Enlist a third party to conduct penetration tests at least once a year
Additionally, the team tasked with handling incident response should be made up of the following subsets:
  • Team Lead – member in charge of all incident management activities
  • Incident Lead – member who reports directly to the Team Lead and coordinates all incident responses
  • IT Contact – coordinates communications between the Incident Response Team and IT Department
  • Legal Representative – member possessing experience in IT security policy and incident response tasked with mitigating risk of litigation
  • Public Relations Officer – handles all communications regarding security incidents

Given the fact that cyber risks are at an all-time high, and with criminals learning newer, more sophisticated ways to hack, there has never been a more critical time for businesses to employ proper security measures. The most effective way to do so is by developing and implementing a quality incident response strategy. The tips highlighted above should provide a good foundation and help establish your organization in a much more secure position moving forward.





eBook: 5 Reasons You Should Automate Cyber Security Incident Response




Using IT Process Automation to Enhance Continuous Response

security-breachWith all of the latest news reports about massive data breaches resulting in the sensitive financial information of millions of consumers being compromised, the topic of cyber security remains a priority for organizations of all shapes, sizes and industries. It’s also becoming more evident that the best offense in these situations is not just a preventative approach, but also successful, continuous incident response. Let’s take a look at what this entails and how IT process automation can enhance it further. When it comes to cyber security, it pays to plan ahead and think outside the box. Businesses must find ways to outwit and outmaneuver would-be cyber attackers by being smarter and better prepared. And it’s not just the big players that can benefit from enhanced security. In fact, as a recent Forbes article points out, even smaller businesses can now take advantage of a more secure existence, provided they leverage excellent data management and the quality continuous response resources available to them.

Times Have Changed

It used to be that installing anti-virus software and putting up a solid firewall were enough to keep most serious attacks at bay. The problem with this strategy, however, is that there are highly sophisticated organizations at work that are capable of getting around just about every prevention-first security measure in existence. To counter this, Forbes interviewed Shuman Ghosemajumder, vice president of strategy at Shape Security, who recommends taking an approach that protects your sensitive assets from the inside out. One of the things that businesses across the globe are now facing is the fact that viruses are only the tip of the iceberg when it comes to cyber security. This has essentially ushered in a new dawn of safety measures, and a new way of thinking overall. Instead of having to keep up with cyber threats, technology can be used to turn the tables and make these criminals keep up with the enhanced security strategies that organizations are putting into place. It allows businesses to stay one step ahead of their attackers.

Knowledge AND Action Are Required

Simply acknowledging that there are hacks and data breaches in just about every business and industry to some degree is not enough to keep your organization safe from the dangers that lurk beyond the perimeters of your IT infrastructure. It’s this knowledge, coupled with the appropriate action – namely, continuous response – that is critical to keeping precious data safe. It also requires a combination of ongoing analysis that allows firms to learn from past experiences and use that information to anticipate and prepare for similar situations in the future.

using IT process automation

Most cyber security experts acknowledge that sophisticated hackers are already using IT process automation to help them identify and exploit areas of weakness around the web. The best way to combat this is to beat these criminals at their own game, using the very technology they are to shut them down at every potential point of entry. Using IT process automation to detect malware and enhance continuous response allows businesses to locate and eliminate threats before they have the opportunity to wreak havoc. Like it or not, as long as the internet remains as the information super highway, there will be dangerous hackers waiting to exploit every opportunity they can find. Only those organizations that understand the importance of continuous incident response and leverage IT process automation to maximize their efforts will have the best chance at making it through unscathed. Is your business protected from the many security dangers out there?  





eBook: 5 Reasons You Should Automate Cyber Security Incident Response




 

Cyber Security Automation Trends

Security_trendsThese days, the barrage of security attacks on organizations is unrelenting. To cut the time it takes to respond to those attacks, IT executives are turning to security automation technologies. A new IDG Research survey of CIOs and CISOs found that 54 percent of security breach resolutions take days, weeks or months. To speed response and resolution time, 63 percent said they will increase their level of security automation over the coming year.

The problem lies in the fact that, despite heightened awareness of security attacks, the current efforts to thwart such attacks are having little to no effect. These attacks, their severity and their frequency, are not going down, and the time of detection – which 61% of survey respondents listed as days, weeks or even months – isn’t sufficient enough to avoid the inevitable consequences. This is why security automation will begin to become more prevalent in the coming months and years.

While many organizations have already begun to adopt IT automation tools to better manage incoming security threats, others remain unsure and even somewhat leery about turning over such an important task to a software product. The fact is, great strides have been made in terms of IT automation and the old, clunky and risk-laden products of the past have been replaced by highly effective, secure and sophisticated enterprise-class solutions.

One survey respondent, Bruce Perrin, COO and acting CIO for Phenix Energy Group, is fully on board with using automation to manage security monitoring. In fact, he believes it’s absolutely necessary, citing the fact that humans are inherently flawed, making the task of handling incoming attacks an especially risky one. He also believes that one of the biggest barriers to businesses embracing automation is fear of change. The problem with this, he points out, is that: “today’s security operations are all about anticipating new problems, not just dealing with old ones”.

While 56% of survey respondents cited cost as their main deterrent from shifting to automation, most of the other barriers listed indicate an underlying problem of insecurity and lack of knowledge about the security process as opposed to any type of technical issues. This is understandable, given the fact that today’s security processes are complex and present potentially severe consequences in the event of failure.

The key to overcoming these obstacles lies in educating decision makers about the many benefits the come with deploying a security automation solution. The most notable advantages include optimizing the time and efforts of security experts, which is a costly resource, as well as minimizing the impact a security breach can have on an organization’s finances and brand reputation.

Of course, achieving optimum results will ultimately depend on choosing the right product. Not all security automation solutions are created equal. Larger corporations must seek out products that are designed to support sizeable enterprises, can be easily integrated with the existing infrastructure and are scalable to account for future growth and organizational changes.

The best solution is one that is easy to implement, simple to learn and completely customizable to each organization. The company can start off automating security tasks and then work their way up accordingly. The product should also effectively combine automation with remote human decision making to ensure the highest level of attention. Most importantly, the right product will allow an organization to cut incident recovery time by up to 90 percent, ensuring that security attacks are identified and addressed in as timely a manner as possible.

With security threats becoming more advanced and dangerous, it’s becoming increasingly evident that the measures being taken currently are not sufficient to mitigate the associated risks. What’s needed is a simple but sophisticated product that can quickly and accurately detect potential security breaches so that they can be handled immediately – not days, weeks or months later. The way of the future is security automation.

Is your business prepared to handle a security attack? Start protecting yourself with automation today. Download a free 30 day trial or call 1-800-652-5601 to get started.





eBook: 5 Reasons You Should Automate Cyber Security Incident Response