Intrusion Detection Is Not A Cure-All
A ransomware attack in early 2016 dubbed “SamSam” was so severe — and, frankly, frightening — that the FBI sent out an alert to watch out for it. The problem was that hackers had discovered a huge security hole in a popular piece of open-source networking software and used it to launch ransomware attacks on hospitals.
As if that wasn’t worrisome enough, this exploit enabled hackers to get into networks undetected by intrusion-flagging technology. The hackers’ traffic looked like that of ordinary system users, so there was nothing to detect.
False alarms are another potential limitation of intrusion detection technology. If you want to avoid wasting a lot of time chasing false positives, you have to tune the technology carefully.
Considering Security As A Service
The threat environment changes daily or weekly. That might not seem like a big deal if you can afford to staff a team of security experts around the clock. But lots of IT managers are under constant pressure to hold down costs and headcount while continuously improving their core IT services.
That’s why we’ve seen a rise in Managed Security Services Provider (MSSP) offerings. There’s just too much going on in the security arena to keep up without adding extra people.
When you partner with an experienced MSSP, you’re tapping into a team of experts who spend all of their time figuring out how to fend off the cleverest hackers. They’ll know how to deliver the best combination of intrusion detection, log management and perimeter defense. And they’ll know how hackers can circumvent these systems.
That’s too much for a lot of companies to deal with if security is not their core business.