Corvil’s user-centric network traffic analysis is enabling firm to identify and track anomalous user activity to protect against insider cyber threats
DUBLIN, IRELAND - August 08, 2018 – Corvil today announced that a leading global law firm, with seven out of ten of the world’s top technology powerhouses among its clients, is bolstering its cyber resilience with Corvil Security Analytics. The solution extends its cyber-protection fabric across the network, enabling the firm to rapidly detect and respond to insider threats and advanced attacks.
Due to the valuable and highly confidential nature of information about intellectual property, mergers and acquisitions, and other events and assets, law firms present a growing target for cyber attackers. According to the 2017 PricewaterhouseCoopers Law Firm survey, 60 percent have reported an information security incident in the last year, up from 42 percent in 2014. The litany of recent law firm breaches underscores the existential risk when trust and reputation are compromised.
Like many organizations, cyber risk management for the law firm is a top boardroom agenda item. The firm is also among the growing number of law practices required by clients to provide demonstrable assurance of robust information security practices as highlighted in a report which finds 48 percent of law firms had their data security practices audited by at least one corporate client in the past year. Corvil has empowered the security team to update senior leadership daily on the firm’s cyber risk posture, and free resources to develop best practice recommendations and pragmatic remediation strategies. It has also removed the complexity of auditing user activity trails for compliance.
With cyber attack techniques constantly evolving and perimeter controls in place, attackers have shifted their focus to gaining a foothold within networks and moving laterally. They typically compromise user accounts, elevate privileges and access sensitive data or create disruption, such as via Ransomware. As many of these attacks may exploit vulnerabilities, take advantage of system tools, or take root via uninstrumented endpoints or IoT devices, they are often very hard to detect. However, they commonly traverse networks and rely upon user accounts.
The firm looked to leaders in the network traffic analysis space and selected Corvil, noting its machine-learning-driven user behavioral anomaly detection, intuitive visualizations, and depth of granularity as critical capabilities for quickly identifying and investigating suspicious activity that would otherwise fly under the radar.
Corvil’s unified view of user identity, host and network activity in one system was a key differentiator for the law firm when assessing an effective platform to protect against insider threats. Corvil’s user-centric network traffic analysis combined with machine-learning assures the firm of the highest possible levels of visibility into suspicious or careless user activity, as well as the insight to rapidly and thoroughly investigate the source and scope of security incidents.
“No law firm partner wants to discover his or her proprietary data being touted on the dark web or make a governance-compromising decision about paying a ransom because their network has been hijacked. The genesis of these events is often inadvertent user activity,” said David Murray, Chief Marketing and Business Development Officer at Corvil. “Given the speed at which an attack can take hold, we believe a continuous, real-time, high resolution picture of what is happening on the network is critical, as it enables the ability to derive unique insights on user, machine, and application behavior, dramatically changing the capability dynamics of securing from within.”
The 484 percent five-year increase in global patent filings for new legal services technology, revealed by Thomson Reuters research is a clear indication of the digitalization of the legal industry. For this law firm’s digital transformation journey, an additional and highly beneficial value add of deployment has been the overall improvements in client experience. Corvil’s proactive health monitoring of access control infrastructure, such as domain controllers, has ensured additional security measures were not impacting application performance or user experience.
“When a potential issue is flagged for triage (such as a suspected covert DNS tunnel), Corvil delivers immediate visibility into if and how a user account or host is compromised, what internal network traffic is involved, whether the attack spread laterally and, if so, what resources were accessed,” said Graham Ahearne, Director, Security Product Management at Corvil. “Corvil provides the insight to bolster a security team’s capabilities and fosters more effective and productive security operations team members so they are in a position to tackle modern and increasingly sophisticated attacks.
Corvil is showcasing its user-centric network traffic analysis for accelerated insider threat detection and response, at Black Hat USA 2018 (Corvil Booth: 1071). The solution automatically provides security analysts with a unified view of user identity, host and network activity in one system. This event takes place at Mandalay Bay, Las Vegas, NV, today and tomorrow, August 8 - 9.
Corvil is the leader in performance monitoring and analytics for electronic financial markets. The world’s financial markets companies turn to Corvil analytics for the unique visibility and intelligence we provide to assure the speed, transparency, and compliance of their businesses globally. Corvil watches over and assures the outcome of electronic transactions with a value in excess of $1 trillion, every day.
Press Office at Corvil
+353 1 859 1040