Pictured above: at the last secIT event, our valued partner NETCOR GmbH supported Exeon at the booth for live demos and strategy discussions.
The world of cybersecurity is constantly evolving, and businesses are seeking new and innovative ways to protect their enterprise from cyberthreats. Network Detection and Response (NDR) has become a popular solution for IT leaders and engineers, as it provides real-time monitoring of network traffic, and helps detect and respond to cyber attacks.
One event that highlights the growing interest in NDR is secIT, hosted in Hannover every year in the early spring, mid-March. Another day, another trade show, you say? Not at all – secIT is definitely an event to add to your list.
Encompassing Various IT Roles, All With One Common Goal
The event is attended by specialized technical folks, CTOs, CIOs, CISOs, SOC staff, network engineers, and administrators who come to learn more about security solutions and how they can help them protect their enterprise from cyber threats.
The attendees from across the IT spectrum come with specific use cases, such as the connection of IP devices like point-of-sale systems and security cameras. However, their needs were not limited to technical use cases, as many visitors had concerns around data protection and privacy, especially regarding deep packet inspection and surveillance.
It’s also interesting to note that a trade fair that might have been considered rather small just a few years ago has quickly evolved into a resounding success.
NDR in Action for the SOC
One of the highlights of the event was the presentation on Network Detection and Response in action for the SOC by Michael Tullius, pictured below.
The presentation showcased how Exeon supports every part of an organization’s threat detection and reaction, hence drawing a lot of interest, with attendance doubling by the end of the session. But why the sudden popularity? Read on!
Network Security is a Matter For All
What organizations or IT leaders may not be currently aware of is the benefit of network security measures for all internal parties – and, it’s quite a necessity in all industries. For Germany alone, these security regulations apply:
Requirements resulting from the Security Act 2.0, BSI Basic Protection (BSIG §8a):
- ISO/IEC 2700x & standard IEC 62443
- NIS2:
- Logging: higher protection requirement example OPS 1.1.x
- Detection: higher protection requirement example DER1x
- Reaction: Security incident handling example DER 2.1
Regulations segmented by industry:
- Energy supply companies: EnWG §11 Paragraph 1d and 1e
- Healthcare: as per SGB 5, § 75b – Suggestion BSI-CS 132 from 2018
- Automotive: TISAX
- Banks: BaFin, BAIT, EZB
Now, back to how NDR spans across the spectrum of security: with a particular focus on the top elements of this graph (advanced threat protection, network security, data security, infrastructure security, and system and application security), Michael explained to the audience what kind of a positive domino-effect network security monitoring has for the below segments.
Some of the specific use cases for security monitoring across these categories that were demonstrated to secIT attendees were:
- Internal shadow IT: Network activities are matched with CMDB information
- External shadow IT: visualisation and discovery of unauthorised cloud services and uploads
- Use of custom tags to define server access rules
- Detection of continuous unauthorised remote access and VPNs such as:
- Teamviewer
- Wireguard
- OpenVPN,…
Since businesses are practically digital ecosystems of their own nowadays, any and most of the above mentioned real-life cases are becoming every day matters. Fortunately, there are numerous strategies that companies can employ to enhance their digital ecosystem’s security. For the deployment in the Security/System Operation Center, identifying and understanding cyber threats in the internal network is achieved automatically and easily with an NDR product such as Exeon.NDR.
Exeon’s platform can be summarized as such:
Based on powerful AI algorithms, Exeon provides complete visibility of network data flows and allows for an automatic detection of suspicious network behaviour to efficiently support security teams in responding to dormant and active threats – before any real damage is done.
This smart threat detection solution leverages an organization’s existing infrastructure, so they will not have to invest in additional hardware. As no appliances are involved, deployment and maintenance are a breeze. This also allows for users to achieve greater scalability effortlessly.
Consequently, attendees of all kinds, from municipalities to national supermarket chains and banks, reacted positively about the efficiency of NDR, thanks to its ease of implementation and use.
Conclusion
To resume, secIT is an excellent event for IT leaders and engineers to learn about the latest trends and solutions in cybersecurity, particularly the growing interest in Network Detection and Response (NDR).
It’s also an opportunity to network with peers, share knowledge, and learn from experts in the field. The event shows that the intrigue for NDR is only set to increase, as businesses seek to protect themselves from cyber threats in a future-proof, reliable way.
