Can you tell if an attack is in progress?
There is a vogue in cybersecurity that says one should accept that the perimeter is no longer the impermeable castle wall and that users should accept that you can’t keep the bad guys out.
That would make intrusion detection systems even more important.
In the old days a malware attack would breach the perimeter and immediately set about trying to spread a virus or search for data and try to steal it.
Today there is much emphasis on bad actors who place sleeping malware onto systems which will simply rest there until activated by some trigger or some action.
Palo Alto Networks describes an intrusion detection system thus: "An Intrusion Detection System (IDS) is a network security technology originally built for detecting vulnerability exploits against a target application or computer."
Some intrusion detection systems look for signatures. Others explore patterns against libraries of activity. Host detection systems can take an image of an entire system.
A recent study from Tripwire evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 134 participants from financial services.
According to the Identity Theft Resource Center’s 2015 Breach List report, the number of data breaches within the banking, credit and financial sectors nearly doubled between 2014 and 2015. Despite this increase, the majority of IT professionals in financial services displayed high levels of confidence in their ability to detect a data breach, even though they were unsure how long it would take for their security tools to discover key indicators of compromise. While sixty percent of financial respondents either did not know or only had a general idea of how long it would take to isolate or remove an unauthorized device from their organizations’ networks, eighty-seven percent believed they could perform this task within minutes or hours.