Visibility: The Key to Better Threat Detection

June may have meant the start of the World Cup to most of the world, but at Alert Logic it meant only one thing; the Cloud Security Summit 2018, where the cloud security industry’s brightest gathered in London to discuss the IT security issues that keep them up at night, and the solutions that make them tick. The attendees were well placed to discuss these issues, with over 70 percent directly responsible for security within their organization.

After Graham Cluley’s enlightening opening presentation into the security risks facing businesses, the torch was passed to Matt Selheimer. With over 20 years in the security industry, Matt is currently Alert Logic’s Chief Marketing and Strategy Officer. This wealth of experience puts him in the perfect position to present on ‘Visibility: The Key to Better Threat Detection’.

Visibility – the focus of cybersecurity

Visibility is something of an industry buzz word, but Matt’s presentation makes a good case for it being so. He began by discussing the expanding attack surface, and the rapidly evolving and diversifying threat landscape—both of which make visibility key to any coherent security strategy. Indeed, some 48 percent of security professionals who attended the Cloud Security Summit highlighted a lack of centralized visibility as one of their most prominent IT security challenges. As cyber attackers become more advanced, we see a greater likelihood of them using what Matt calls ‘multi-stage’ attacks, which engage with multiple threat vectors. Multi-stage attacks are more challenging to identify as a specific security incident because the attack vectors and threat indicators seem like separate, disconnected events.  

Matt also framed this in the context of threat detection, which although seemingly basic, organizations stillstruggle with. The average time that passes before threat detection is 205 days, and two thirds of businesses find out about security incidents inside their organization from third parties in their supply chain, independent security researchers etc. This problem is only likely to get worse, as the world’s increasingly connected business-functions have to come to grips with the harsh reality that by 2021 there will be 3.5 million unfilled Infosec positions.

Companies need an effective security solution

While Matt painted something of a grim picture of how a lack of threat visibility can turn into a cyber-incident before your eyes, he did at least present the audience with a potential solution—an integrated security model. Essential ingredients of an integrated security model include:

  1. Visibility, control and management of data and event sources (full stack) to feed threat detection content
  2. A powerful multi-tier threat detection platform
  3. An interactive and intuitive incident investigation system
  4. Expert analysts
  5. Content, content, and more content to automate and perfect threat detection and leverage the experts

Matt made a passionate case for how our unique position of cybersecurity industry expertise—powered by diverse and varied data sets from our 4,000 customers, can help to fix some of the industry’s most common security woes: alert fatigue, a lack of centralized visibility, cybersecurity expertise and process.

Matt showed how Alert Logic’s around-the-clock management helps to block critical cyber attacks, and collect and collate incident data to feed into a system of automatic incident detection—at which point a team of experienced security researchers, analysts, programmers and data scientists step in, working alongside Alert Logic’s rules and analytics and state-of-the-art machine learning capabilities in order to feed back into our integrated security model. This means every time Alert Logic responds to a customer’s security incident, we become better at dealing with the next.

So, while Matt painted a bleak picture of the IT security landscape, he also provided a light at the end of the tunnel—which, in reality, will lead the way of the future in cybersecurity.

Matt’s presentation can be viewed here: ‘Visibility: The Key to Better Threat Detection’. You should also check out the 2018 State of Security Infographic for interesting data and findings from our London Cloud Security Summit.

About the Author

Tony Bradley - Senior Manager of Content Marketing for Alert Logic

Tony Bradley

Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and He has established a reputation for effective content marketing, and building and engaging a community and social media audience.

Connect | Email Me | More Posts by Tony Bradley