Technology


‘Self-learning’ security tech detects bad behavior




Posted on March 03, 2015


GIVEN the level of sophistication today’s cyberattacks are being carried out, companies are left with no choice but to increase their IT spending to fend off persistent assaults that could potentially shut down business operations.

But fending off these attacks is one thing; preventing them is another.

According to network security firm Cyberoam, network users are the weakest link in the Internet security chain and patterns of human behavior can be used to predict and prevent cyberattacks.

To help IT security managers identify users posing security risks, the company developed an intuitive feature that allows its security solutions to determine a user’s risk profile based on that user’s Internet behavior.

Dubbed User Threat Quotient (UTQ), the ‘self-learning’ user-identity-focused feature harnesses information derived from the user’s Web traffic and determines the level of risk his activities pose to the network.

While this feature issue may raise questions on employees’ privacy at work, Cyberoam Philippines Country Manager Amar Mehta was quick to point out that IT managers could not look into a worker’s Internet activities without the latter’s consent.

“There’s a four-level authentication that requires both the user and the chief information officer to take a look at log info,” he said.

Mr. Mehta however argued that a certain level of monitoring on the part of the employer is necessary to avoid such damaging cyberattacks.

“The UTQ was designed in accordance with international labor laws, which explains the four-level authentication to get the user involved in the monitoring.”

The UTQ, Mr. Mehta added, is beneficial to small-medium enterprises that may not have the capacity or the manpower to monitor threats posed by network user activities. The UTQ is also available to large-scale businesses in industries as well as governments.

The UTQ feature can be found Cyberoam’s Next-Generation Firewall and User Threat Management appliances.