Corvil’s user-centric network traffic analysis is enabling firm to identify and track anomalous user activity to protect against insider cyber threats
DUBLIN, IRELAND - August 08, 2018 – Corvil today announced that a leading global law firm, with seven out of ten of the world’s top technology powerhouses among its clients, is bolstering its cyber resilience with Corvil Security Analytics. The solution extends its cyber-protection fabric across the network, enabling the firm to rapidly detect and respond to insider threats and advanced attacks.
Due to the valuable and highly confidential nature of information about intellectual property, mergers and acquisitions, and other events and assets, law firms present a growing target for cyber attackers. According to the 2017 PricewaterhouseCoopers Law Firm survey, 60 percent have reported an information security incident in the last year, up from 42 percent in 2014. The litany of recent law firm breaches underscores the existential risk when trust and reputation are compromised.
Like many organizations, cyber risk management for the law firm is a top boardroom agenda item. The firm is also among the growing number of law practices required by clients to provide demonstrable assurance of robust information security practices as highlighted in a report which finds 48 percent of law firms had their data security practices audited by at least one corporate client in the past year. Corvil has empowered the security team to update senior leadership daily on the firm’s cyber risk posture, and free resources to develop best practice recommendations and pragmatic remediation strategies. It has also removed the complexity of auditing user activity trails for compliance.
With cyber attack techniques constantly evolving and perimeter controls in place, attackers have shifted their focus to gaining a foothold within networks and moving laterally. They typically compromise user accounts, elevate privileges and access sensitive data or create disruption, such as via Ransomware. As many of these attacks may exploit vulnerabilities, take advantage of system tools, or take root via uninstrumented endpoints or IoT devices, they are often very hard to detect. However, they commonly traverse networks and rely upon user accounts.
The firm looked to leaders in the network traffic analysis space and selected Corvil, noting its machine-learning-driven user behavioral anomaly detection, intuitive visualizations, and depth of granularity as critical capabilities for quickly identifying and investigating suspicious activity that would otherwise fly under the radar.
Corvil’s unified view of user identity, host and network activity in one system was a key differentiator for the law firm when assessing an effective platform to protect against insider threats. Corvil’s user-centric network traffic analysis combined with machine-learning assures the firm of the highest possible levels of visibility into suspicious or careless user activity, as well as the insight to rapidly and thoroughly investigate the source and scope of security incidents.
“No law firm partner wants to discover his or her proprietary data being touted on the dark web or make a governance-compromising decision about paying a ransom because their network has been hijacked. The genesis of these events is often inadvertent user activity,” said David Murray, Chief Marketing and Business Development Officer at Corvil. “Given the speed at which an attack can take hold, we believe a continuous, real-time, high resolution picture of what is happening on the network is critical, as it enables the ability to derive unique insights on user, machine, and application behavior, dramatically changing the capability dynamics of securing from within.”
The 484 percent five-year increase in global patent filings for new legal services technology, revealed by Thomson Reuters research is a clear indication of the digitalization of the legal industry. For this law firm’s digital transformation journey, an additional and highly beneficial value add of deployment has been the overall improvements in client experience. Corvil’s proactive health monitoring of access control infrastructure, such as domain controllers, has ensured additional security measures were not impacting application performance or user experience.
“When a potential issue is flagged for triage (such as a suspected covert DNS tunnel), Corvil delivers immediate visibility into if and how a user account or host is compromised, what internal network traffic is involved, whether the attack spread laterally and, if so, what resources were accessed,” said Graham Ahearne, Director, Security Product Management at Corvil. “Corvil provides the insight to bolster a security team’s capabilities and fosters more effective and productive security operations team members so they are in a position to tackle modern and increasingly sophisticated attacks.
Corvil is showcasing its user-centric network traffic analysis for accelerated insider threat detection and response, at Black Hat USA 2018 (Corvil Booth: 1071). The solution automatically provides security analysts with a unified view of user identity, host and network activity in one system. This event takes place at Mandalay Bay, Las Vegas, NV, today and tomorrow, August 8 - 9.
Corvil is the industry leader for deriving Security, Operational, and Business intelligence from network data. As companies adopt faster and smarter machine technology, it becomes critical to tap into richer and more granular machine data sources to safeguard the transparency, performance and security of critical infrastructure and business applications. The Corvil streaming analytics platform captures, decodes, and learns from network data on the fly, transforming it into machine-time intelligence for network, IT, security and business teams to operate efficiently and securely in this new machine world. Corvil uses an open architecture to integrate the power of its network data analytics with the overall IT ecosystem providing increased automation and greater operational and business value outcomes for its users. The Corvil solution is trusted by leading financial institutions to safeguard their businesses across the globe involving 354 trillion messages with a daily transaction value in excess of $1 trillion.
Press Office at Corvil
+353 1 859 1040