DefenseStorm: Full-stack Cybersecurity Management

Financial institutions are in the center of a storm today—caused by a constant surge of sophisticated cyber attacks threatening to break down their walls. The trend has been spurred by three major bank hacks in the past two years. Two of these attacks resulted in financial losses to the tune of 100 million dollars, raising apprehension about the dependability and security of digital networks used by banks worldwide. These events provoked the Society for Worldwide Interbank Financial Telecommunication (SWIFT) and numerous agencies to issue warnings, alerting banks to increase their security as more attacks are expected. “While banks have requirements like other corporations, they have heightened security needs that present a compelling mandate for solutions to keep our country’s most sensitive financial data secure from foreign attackers and organized criminals,” begins Sean Feeney, CEO of DefenseStorm. Cybersecurity should be instilled into all aspects of the business—products, digital investments, enabling technology, processes, services and people.

Formed by bankers and fintech experts, DefenseStorm was incorporated with an aim to provide cybersecurity solutions to community banks and credit unions. “The founders of DefenseStorm, Edgardo Nazario and Jeff Lunsford, wanted to build a new type of cybersecurity technology that would solve three modern day problems in the financial sector: too many point systems to monitor effectively, lack of real-time reporting to prove policy compliance to C-Suite and Board of Directors, and difficulties in finding and hiring IT security experts,” explains Feeney. “Although the cybersecurity industry was crowded, there wasn’t a cloud-based cybersecurity management solution that merged network monitoring, incident response workflow, policy governance, and real-time analytics into a single solution,” he adds.

Built from the ground up in the cloud, DefenseStorm unifies detection, investigation, reporting, and compliance into a single place to manage cybersecurity data. It aggregates event data across all cybersecurity tools and links policies to real-time alerts, so that financial institutions can prove to regulators that they are both secure and compliant with evolving Federal Financial Institutions Examination Council (FFIEC) cybersecurity requirements. “We streamline our customers' cybersecurity needs by bringing together information into a single pane of glass, which saves time and reduces the possibility of human error,” explains Feeney. “DefenseStorm does not replace an organization’s existing systems, instead it augments and strengthens them, seeing across their network to manage security threats and compliance policies.”

From Reactive to Proactive

According to Feeney, community banks have a long tradition of enjoying personal relationships with their customers. As such, bankers need to pay extra attention to protecting their business, as they might run into their customers at any given point. A case in point is one of DefenseStorm’s community bank customers, Citizen’s National Bank (CNB) of Texas.

A few years ago, the leadership at CNB decided that it would be important for them to invest not only in the digital banking capabilities customers would value, like online banking and bill pay, but also in the infrastructure to protect them, their finances, and their information. CNB already had a security encryption program in place to protect its online banking transactions but was still vulnerable. “We had a solid system in place, but none of us were really security experts,” shared Wade Jones, Senior Vice President and CIO of CNB. “We were doing our best, but working with DefenseStorm basically gave us a team of security experts behind us. Now our security is as strong as can be, all without having to hire an extra security expert.” Today, DefenseStorm helps CNB monitor network activity, emailing or calling when there is suspicious activity or a strong threat.

DefenseStorm enables users to identify and triage threats by proactively examining event data. This includes reviewing geographic sources to focus on high risk locations, examining threat types by severity, category, or protocol, and narrowing the search query timeline in seconds with an interactive timeline slider.

Guardians of the Network

The company’s security experts, the Guardian team, monitor clients’ networks and alert them to any impending threat. The team offers a structured and supported approach to on-boarding with 24/7 network monitoring, annual security assessments, and ongoing advice on network security. On one occasion, while monitoring a customer’s network, the Guardian team saw a spike in network traffic that looked like a DDoS attack and quickly notified the client of the emerging threat. DefenseStorm ingested nine million events in just nine minutes, which allowed them to fully understand what was happening and accurately inform the customer of the incident scope. As a result, the incident was fully scrutinized and remediated within hours, with no security ramifications.

DefenseStorm’s ability to offer real-time threat detection and remediation draws power from its underlying Big Data analytics engine. The platform offers Alert Inbox, anomaly detection, and easy-to-use dashboards that bring organizational data into one place, which reduces busy work so analysts can spend more time researching true threats.

Alert Inbox groups together security alerts for quicker triage, deciphering customers’ needs via machine learning, so the system presents the most relevant, compelling threats first. DefenseStorm’s anomaly detection suite learns what is normal behavior for a customer’s network and provides automated alerts when something abnormal happens, such as an employee downloading the entire customer database at 2AM on Sunday.

Single Pane of Glass

The company’s solution monitors every system on a customer’s network with faster event processing to swiftly interpret threats, reach resolutions, and report their results. The company brings log data together with built-in processes and couples those with the bank’s policies to offer the best way to manage cybersecurity compliance in real-time. “Our modern data architecture has been built by a talented development team who know how to search, compress and do things at a faster pace, giving DefenseStorm the advantage over their competitors,” adds Feeney.

The platform acts as a single pane of glass which aggregates data from cloud, colo data centers and on-premise logs (servers, endpoints, network devices). Users can view events, alerts, incidents, SLAs and policy compliance in real-time through the dashboards. It also promotes sharing and collaboration so that users can assign, collaborate or escalate an incident with the click of a button.

Securing the Future of Banking

DefenseStorm has made it its mission to work closely with its clients, deciphering their problems and developing solutions according to their organizational needs. Feeney and his team of experts frequently conduct one-on-one discussions with customers on their current problems and arrive at the best solution. “There is no magic bullet to stop cyber attacks. The beauty of technology is the capabilities and speed it provides to do things in a more efficient manner,” says Feeney. “At the end of the day, my goal is to take the company to new heights by offering the most innovative solutions. We have to think one step ahead of the hackers and incorporate unique defense mechanisms.”

For the future, DefenseStorm is investing heavily in machine learning to understand and capture the essence of a continuously evolving threat landscape. “Cybersecurity is an open-ended problem with infinite possibilities, and by applying machine learning techniques, we can narrow down that problem to something much more manageable,” adds Feeney. As the cybersecurity landscape evolves and threats increase, DefenseStorm prepares to defend banks and credit unions from the growing number of bad actors targeting their institutions. “The threat is increasing and we need to act before cyber terrorists can attack us, we have to anticipate their movements and make ourselves stronger,” concludes Feeney.

- Eileen Singh
    November 03, 2016