How I Learned to Stop Worrying About a Data Breach and Love PCI Compliance
Do your compliance initiatives make you feel more secure? Most likely, the answer is “no.”
While PCI compliance is more effective than most regulations, it’s not always easy for organizations to satisfy PCI’s twelve high-level requirements and 200+ sub-requirements. Therefore, some security professionals focus on “checking the box” to meet the minimum requirements for PCI security rather than implementing the best security to protect payment card data. As a result, many companies may be PCI compliant, but have no way of detecting malicious insiders or external attackers in their network.
LightCyber Magna gives customers the best of both worlds: a solution validated for PCI conformance and a solution that can root out active attackers in corporate networks. With LightCyber, organizations can close the gap in data breach detection while addressing PCI’s intrusion detection requirements.
PCI Security Validation
LightCyber recently engaged HALOCK Security Labs, a PCI-certified QSA, to evaluate LightCyber Magna Behavioral Attack Detection and determine if it satisfied PCI requirement #11.4. HALOCK concluded that LightCyber addressed PCI requirement #11.4 for intrusion detection and prevention. Learn about HALOCK’s testing methodology and results from this new white paper.
LightCyber Magna goes well beyond the PCI DSS requirements by providing full visibility into the entire attack lifecycle, not just the initial intrusion. Magna works by finding the anomalous operational behaviors of external attackers, malicious insiders and malware, rather than using largely ineffective attack signatures that only stop known threats.
PCI Compliance Podcast
We recently sat down with Tod Ferran, a senior consultant at HALOCK Security, to discuss various approaches to and challenges with PCI compliance.
During the podcast, Tod explained, “Initially, a lot of companies were check the box, just rubber stamp me. I even had one client that said ‘Look, PCI compliance is a pain in my neck.’…Now we’re seeing a shift. In fact, all of my clients now have a much different view of it and their stance is not just check the box, but ‘let’s talk about risk and talk about our vulnerabilities and do the things we need to do to keep us out of the news.’”
To learn security and compliance insights from a QSA, listen to this podcast.
How Magna Finds Post-Intrusion Activity, Malicious Insiders, and Malware
The Magna platform detects attacks by first monitoring network traffic and establishing a baseline of normal activity by user and by device. It also fingerprints desktops, servers, mobile devices, networking equipment, and any other types of networked devices, including IoT. Then Magna detects behavioral anomalies that are indicative of an attack, such as reconnaissance, lateral movement, and command and control. Many of these anomalies cannot easily be identified through conventional signatures and list-matching techniques; they can only be discovered by detecting aberrations in user and device activity.
Once Magna has uncovered an attack, it can interrogate the endpoint and discover which process generated the attack behavior using Network to Process Association (N2PA). Then it can analyze the executable in the cloud to determine whether it is malware, riskware or a benign file. By performing this analysis, Magna can validate malicious activity and streamline investigations.
For businesses that process credit cards, Magna can be the difference between spotting and disrupting an attack and finding out from a third party that large amounts of payment data have been stolen. Magna can also be the difference between an incident that requires public breach notifications and mitigating an attack before damage is done.