How Long Can Malware Sit On A Workstation?

By Ray Birch

BROOKFIELD, Wis.–Just how long can a piece of malware sit on an employee’s workstation? Usually, as long as it takes before a human being notices the threat is there. But what if security software could immediately find it and either kill it or take the station off the credit union’s network?


That’s one of the ideas behind a new piece of cyber defense that looks to respond to threats faster than any human IT staffer ever could.

“Incidents can likely happen. It’s about how do you respond as quickly as possible to mitigate either the data that is lost or the incident that is occurring,” said Nayan Patel, VP strategic alliances at Fiserv.

As CUToday.info reported, Fiserv recently formed a strategic alliance with BlueVoyant, a next-generation cybersecurity company, to deliver a comprehensive managed security platform that specifically addresses the unique needs of financial institutions—from threat detection, response and remediation to regulatory compliance and reporting, the company said.

Patel said that using resources and data that go well beyond what is available to most banks and credit unions today, Fiserv and BlueVoyant provide detection, real-time response and automated remediation of suspicious activity targeting internal systems using an integrated combination of network and endpoint monitoring, extensive threat intelligence and behavioral analytics.

“A key here,” noted Patel, “is that through security orchestration and automation we are able to automate the response to a cyber threat as opposed to relying just on people.”

Experts From Around the Globe

Patel said that by leveraging the expertise of BlueVoyant, which has a skilled team of cyber defense experts from across the globe, “playbooks” are designed in tandem with credit unions. The playbooks outline clear steps the CU’s systems and cyber defense solutions will take on each specific type of threat or situation.

“We understand their environment and design the playbooks in tandem with the credit union,” said Patel. “We design the playbooks so if a certain instance occurs—say something is spotted on a workstation that should not be there—automatically the cyber defense solutions will understand what to do and either kill the process or quarantine the workstation and take it off the network. This is done automatically without human intervention. That can take the time to mitigate an issue from five hours to ten seconds.”

The speed with which action is taken is one of the key benefits derived from the BlueVoyant partnership, said Patel, adding that quick action can save credit unions a great deal of money when a serious threat is stopped immediately.

Designing the Playbook

The playbooks are designed with the support of the BlueVoyant cyber defense team, said Patel.

“A great deal of their expertise comes from the former FBI and NSA employees,” said Patel. “They have a security operations center strategically placed outside College Park, Maryland, and one in Tel Aviv. So they are getting cyber security talent from Israel, as well. They have a lot of connections in the intelligence industry throughout the world.”

Patel said the head of the BlueVoyant security team is a former CTO of the FBI’s cyber security division.

“And the people on his team understand the threats that have gone on in the world and are going on,” said Patel. “The team’s knowledge is not gained by books or just six months in the field. They have deep, historical knowledge of what the bad actors are trying to do.”


Human skill is critical not only to designing highly effective automated cyber defenses and outlining parameters for the machine learning that supports the systems, but also to making the right decisions when the credit union faces a judgment call on a threat, said Patel.

Recommended Remediation

“A lot of what people are depending on for the future is machine learning and artificial intelligence, but those things require some sort of human interaction in order to set them up, tell them how to compute, detect and look for threats,” said Patel. “Plus, in instances when you don’t want to automate a threat response, as credit unions are very focused on service and want to be available for members 24/7, you need a skilled security expert to determine what is going on and recommend the right kind of remediation. Our teams do that for credit unions.”

Patel acknowledged that credit unions, especially smaller ones, don’t have the resources to hire or even retain skilled cyber defense experts.

“It’s one of their biggest, growing challenges,” he said. “A lot of our credit union customers have some sort of endpoint software, some sort of log correlation… But taking that data and knowing exactly what to do with it, prioritizing it and then having the expertise to take the right action can be a different story.”

Copyright Holder: CUToday.info
Copyright Year: 2024
URL: https://www.cutoday.info/THE-feature/How-Long-Can-Malware-Sit-On-A-Workstation