“All organisations should now assume that they are in a state of continuous compromise,” says Rajpreet Kaur, Senior Research Analyst at Gartner.
Gartner believes the main challenge organisations face these days is the widening gap between time to compromise and time to discover. Organisations need to invest more in breach detection and response.
The Yahoo breach happened in 2014. The disparity between the speed of compromise and the speed of detection is one of the starkest failures discovered in breach investigations.
The average targeted malware compromise was present for 205 days before detection, the longest presence was 2982 days, and 69 per cent were discovered by external parties, not internal IT security functions. Additionally, the 2015 Verizon Data Breach Investigations Report highlighted that, “in 60% of cases, attackers are able to compromise an organization within minutes”.
Why should this matter to PeopleSoft customers?
If you believe Gartner, Verizon, et al., then a key security use case should be narrowing the gap between compromise and discovery.
How can GreyHeller help?
Implement GreyHeller’s Logging and Analysis as part of an ERP Firewall implementation.
Our customers are integrating our logs with their existing SIEM systems to leverage real-time notification of security events. Logging data has been used to reduce false positives, uncover suspicious behavior, identify brute-force attacks and track malicious insiders.
Our customers use this data to research breaches in near real time, rather than months or days after their PeopleSoft systems have been compromised.