U.S. organizations alone had 1,579 publicly disclosed data breaches in 2017, and external hackers were to blame in nearly 60 percent of those cases. A separate study found that the average cost of a data breach in 2017 reached $3.62 million. Another report projects that global cybercrime will cost the world $6 trillion in 2021, double the tally in 2015.
Suffice it to say that IT security professionals have a tough—and very necessary—job.
So why make their job even tougher?
Consider a day in the life of a typical security analyst: They sift through reams of data from vulnerability reports, logs, and other sources in hopes of detecting vulnerabilities before the bad guys do. If they catch an actual intrusion, they hope they can initiate an appropriate response before it becomes the next public, multimillion-dollar breach.
Yet these security pros are commonly tasked with making sense of these reports and data points without the context necessary to act swiftly on the information in front of them.
Say, for example, a global information security analyst on your team sees an IP address pop up on an intrusion-detection report. That should be a good thing—the tool that produced the report caught a threat, right? All too often, however, the IP address is just that: a string of numbers with zero context for what asset it’s associated with, much less any of the other systems that sit upstream or downstream from it.
In other words, all you really know is that you have a potential issue, but your security team is left with significant blind spots on your network when it comes to determining the best course of action. IP information alone isn’t enough to determine the scope of the issue or how best to address it. To act decisively and effectively, you need the full context around that IP address and its dependencies. Otherwise, you’re not only asking your security team to find a needle in a haystack; you’re asking them to do so multiple times a day, every day.
Fortunately, there is a better way: BMC Helix Discovery.
BMC Helix Discovery scans assets on premises and in your cloud environments to immediately identify rogue applications and devices, not simply the IP addresses they’re associated with. That means you’re minimizing your exposure to risk from devices and applications that you don’t even know exist—the blind spots on your network.
A major bank recently replaced its previous asset discovery tool with BMC Helix Discovery, a true discovery and dependency mapping solution. In a matter of days, it found thousands of assets that had been missed by the other guys. Each of those network devices, servers, cloud services, and other assets was a potential entry point for hackers. Now the bank’s security team can effectively evaluate and protect their organization because of the improved visibility gained with BMC Helix Discovery.
Moreover, BMC Helix Discovery maps the diverse and often complex dependencies on your network, enabling better threat detection and remediation by showing you what other tools can’t.
This is a vital step toward better understanding the risks of a potential vulnerability. Instead of navigating the threat landscape in the dark, your security team has the context it needs to understand the business value of the asset that IP address represents—and therefore why they should care.
Stop searching for the needle in a haystack. Detect and clarify the blind spots on your network, improve your impact analysis and response, and speed up your broader cloud migration while proactively managing risk.
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.