Fluency announced the availability of its Security Analytics and Orchestration (SAO) solution version 5.5, adding further protection from network security threats in the wake of WannaCry. The solution uses focused analytics to help organizations fight against cyberattacks.
The tool combines Fluency’s Network Traffic Analytics (NTA) and Central Log Management (CLM) capabilities to assist IT security professionals in making more informed and intelligent decisions supported by automated implementation.
SAO uses artificial intelligence (AI) and machine learning to automate the handling of security event data. Real-time technology is used to organize and merge event information and remove duplicated data to give administrators a better view of network threats.
This automated and organized view prevents IT administrators from jumping to action for false positives or wasting time and resources on low-risk events.
“A critical element of SAO is the decision process,” Fluency Co-Founder Chris Jordan said in a statement. “The rationale is quite simple; the decision is a vital element because automating imprecise data only amplifies bad decisions. Fluency focuses on machine learning and big data analytics. This data-centric approach to SAO means more than just making correct decisions, it provides the data needed for a superior response.”
“With the launch of version 5.5, Fluency expands its fusion approach combining application awareness, network administration logs, user information and host information stored at different levels of network protocol in conjunction with dispersed security offerings,” Jordan continued. “Fusing this data enables comprehensive analytics while also providing the information needed to more quickly respond, not just detect an issue.”
Healthcare organizations need to consider intelligent network security solutions that display the entire network in a way that is easy to monitor. These types of tools can help organizations detect major nationwide security threats much sooner so they can take steps to protect the network.
For example, the WannaCry ransomware attack impacted more than 150 countries and over 230,000 individual computers.
WannaCry was a ransomware program targeting Microsoft’s Windows operating system. The attack used common ransomware tactics, including spreading phishing emails.
WannaCry used the EternalBlue exploit, allegedly developed by the National Security Agency (NSA), which made it particularly dangerous.
Ransomware spreads easily when it encounters IT infrastructure that is outdated and not running the most recent security protocols. Healthcare organizations are often still using outdated software.
WannaCry took advantage of that by exploiting a vulnerability addressed in a Microsoft security update that many organizations had not applied when it became available.
Entities often postpone upgrading technology because it can be expensive or because their current systems still work well. Organizations can also have a difficult time justifying spending their budgets on infrastructure technology upgrades when there isn’t anything actively wrong with their current systems.
Healthcare organizations need to make sure all of their software is updated. Beyond that, implementing a security solution that automates and provides visibility will show IT administrators where network weaknesses are so steps can be taken before an attack occurs.
Network visibility is invaluable when it comes to security because it shows organizations their security gaps before they become problems, reducing the risk to patient data.
Strong network visibility is also important because healthcare networks are constantly growing as connected medical and Internet of Medical Things (IoMT) devices are added.
These advanced devices have different security requirements than traditional computers and laptops, so being able to see where and how these devices are connecting to the network is vital to protecting it.
A recent ZingBox survey revealed that over 90 percent of healthcare networks support IoMT devices and over 70 percent believe that traditional security solutions are sufficient to secure the IoMT devices.
The lack of understanding of network security and the number of devices constantly communicating with the network make it almost unmanageable with traditional security tools that serve only one purpose or protect only one part of the network infrastructure. Adding automation, AI, and visibility to network security will help organizations protect themselves against cybersecurity threats.