With digital transformation melting protection perimeters, IT security teams in enterprises are having to deal with the fact that complex threats are already within their network, as illustrated by the 48 per cent of enterprises which believe that their organisation may already be hacked. To bring visibility back to corporate networks and reduce response times, New Kaspersky Threat Management and Defense brings together and reinforces the capabilities of Kaspersky Anti Targeted Attack, Kaspersky Cybersecurity Services and new Kaspersky EDR within a single platform.
Kaspersky Anti Targeted Attack
Targeted attacks can penetrate an organisation’s critical systems and stay unnoticed for years, causing irreparable damage in the process. Separate symptoms can be misleading and only an all-around examination provides an accurate diagnosis. As part of the Threat Management and Defense platform, the next generation of Kaspersky Anti Targeted Attack utilises a comprehensive set of technologies for the detection of previously unknown threats and targeted attacks, it correlates different indicators of compromise in the network that are likely connected to a single operation, in order to help businesses discover even the most complex attacks.
Accuracy of detection is achieved through Next Generation technologies and capabilities, including machine learning threat analysis and correlation algorithms, advanced sandbox technology and network traffic analysis. It is also empowered by the array of metadata available for analysis from the telemetry of endpoint and network sensors and by global threat intelligence from Kaspersky Security Network.
With the new Kaspersky Anti Targeted Attack solution, security teams get a redesigned dashboard showing a detailed overview of the status of periodic checks, the latest events, and incident information to help shape the informed action on the next step of the incident response cycle.
It is usually slow responses that make complex cyber security incidents more devastating – recovering from data breaches caused by advanced threats can now cost enterprises up to $977,000 on average – meaning enterprises have to change how they react. Kaspersky EDR, the next component of the Threat Management and Defense platform, enables companies to speed up their incident response process and improve the quality of cyber security incident investigation.
Kaspersky EDR offers increased visibility through the aggregation and visualisation of key digital forensics data collected from endpoints – which will be available no matter what techniques cyber criminals use to try and hide their tracks.
An efficient and timely response is ensured through the automation and remote deployment of the key IR functions, which eliminates the manual work and guarantees an ability to clean up the infected assets remotely, within a required timeframe. There are several ways to achieve this, such as quarantining or deleting a suspicious file, moving it to the sandbox for further analysis or isolating a particular endpoint from the network.
By shining a light on the endpoint activity, Kaspersky EDR ensures cyber security teams get complete insight into the systems to understand exactly what is happening and how the threat can be mitigated.
Kaspersky Cybersecurity Services
Full visibility and accurate detection are only two parts of the battle. The very nature of targeted attacks means attackers will come back with new tools and techniques. If an emergency occurs, the cyber security team might need a trusted partner with the relevant skills and experience. That’s why Kaspersky Cybersecurity Services includes a number of offerings for rapid incident recovery (Incident Response service), the proactive assessment and rectifying of damage (Targeted Attack Discovery) and a full, outsourced threat hunting service (Kaspersky Managed Protection).
“As they are fighting against hackers and cybercriminals that have significant financial resources and are constantly looking to exploit any vulnerability, enterprises need an integrated approach to complex threat detection and response. To address this need, we have introduced a three-pronged Threat Management and Defense platform – incorporating 20 years of experience of analysing advanced threats – which should serve as the framework for the kind of solid cybersecurity strategies required by under-fire enterprises,” said Alessio Aceti, Head of the Enterprise Business division, Kaspersky Lab.
Threat Management and Defense
Also available as standalone solutions, Kaspersky Anti Targeted Attack, Kaspersky EDR and Kaspersky Cybersecurity Services perform best as a single Threat Management and Defense platform, allowing for unified administration and automation of the whole threat management cycle. With the support of all three components of the platform, businesses can adopt a strategic approach to detecting complex attacks across the corporate IT infrastructure and successfully gain control and visibility of their security environment by mitigating risk in today’s digital world.
Shrenik Bhayani, General Manager, South Asia, Kaspersky Lab, “Our Threat Management and Defense product is a complete package portfolio from enterprise and customer prospective, it includes the cyber security services wrapped around what typically an enterprise would need. Gone are the days when we talked about cyber security only as an end point security or as antivirus, people are looking at sophisticated deployments because obviously the attacks are also getting sophisticated and the kind of attacks that are happening in the overall global environment today they are beyond imagination. The old dynamics of cybersecurity has changed with this and a large number of enterprise customers and market customers who have their solutions and applications on cloud are really very serious about this entire cyber security aspect.”
To support the expansion of its business in India, Kaspersky Lab has also announced the opening of a newly relocated office in Mumbai, India for the South Asia region. There are currently 37 Kaspersky Lab offices in 32 countries around the world.
The Mumbai office will provide more office space for the growing global cyber security company as well as closer proximity to the partners it collaborates with frequently. The new office will provide greater space for Kaspersky Lab India’s newest team players who have recently joined the Kaspersky Lab to outline the growth for the company moving forward.
Stephan Neumeier, APAC Managing Director of Kaspersky Lab, “We are delighted to move to a bigger space that will be the base for our South Asia growth, in one of the most promising new markets with the fastest expanding rates in the world. It is a market filled with business opportunities for us in a very wide range of sectors, especially in the thought leadership space. With the digital growth that is taking place in the region, it is important for us to explore the untapped potential of this market. This would then enable us to deliver the key results we seek.”
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]