Data dissemination and file sharing between agencies and law enforcement authorities is a natural part of government business. But what happens when those files leave the security of domain-controlled network drives and content management systems?

Cloud computing has made collecting, storing, and processing data easier and cheaper than ever. Agencies are increasingly leveraging big data to drive actionable insights and improve cyber threat detection. Furthermore, more than 60% of agencies are using big data to reduce costs and operating expenses, writes Information Week.

Our very own Chief Cybersecurity Technologist and Institute for Critical Infrastructure Technology (ICIT) fellow, Don Maclean, recently joined fellow fellows Robert Lord (Protenus), John Menkahart (Securonix), Dr. Ron Ross (NIST) and ICIT co-founder and senior fellow, Parham Eftekhari on Capitol Hill to discuss the risks and threats associated with cyber attacks on healthcare facilities.

Nothing seems to surprise us anymore when it comes to cybersecurity. Attacks against government agencies and businesses are constantly in the headlines. Just last year, DLT partner, Symantec, discovered more than 430 million new unique pieces of malware across its Global Intelligence Network – that’s an increase of 35% over the previous year.

We all know that sifting through data is an overwhelming challenge for federal agencies. Various data types, stored across a range of disparate siloes, and a lack of resources to analyze the sheer amount of data, has long held up data analytics in government.

Last year, we reviewed threat reports from numerous companies and organizations.  At the time, a couple of simple themes emerged: too many systems were unpatched, and phishing was a predominant means of intrusion.  These themes are still present a year later, but some new trends have arisen to keep them company.

Last year, over 420 million malware variants were discovered, over half a billion personal information records were lost to breaches and one zero-day vulnerability was discovered each week.

It’s time to fight back!

Could user and entity behavior analytics (UEBA) be the missing piece of the puzzle that security teams have been waiting for in their bid to outmaneuver threat actors?

Incident response (IR) teams are overwhelmed. Larger attack surfaces, state-sponsored cyber terrorism, and the industrialization of cyber crime all create fires and headaches for IR teams.

Many organizations are quickly discovering that cyber threat hunting is the next step in the evolution of the modern Security Operations Center (SOC).

But what is “hunting"?

Sqrrl, a leader in big data analytics and cybersecurity, defines hunting as “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.”