Neo4jⓇ, the leader in graph technology, announced a rise in adoption from organizations seeking to leverage graph databases to strengthen cybersecurity strategies in response to increasingly sophisticated threats.
“Security teams face an overabundance of data, and resource constraints make it simply impossible to analyze everything. The work put into investigating alerts is manual and time-consuming.
And even after going through the effort of creating and managing correlations between data, security analysts pick something to investigate based purely on general instinct,” said Maida. “Graphs not only help with visualizing the data but also analyzing the underlying data efficiently.”
Ashkan Rahimian, Cyber-Artificial Intelligence Senior Lead at Deloitte Canada’s Omnia AI, praised the power of graph analytics to do predictive analysis, highlighting key features in his team’s Cyber AI Attack Path Modeling product.
“The majority of security controls are detective in nature, already placing security operations teams at a high disadvantage against attackers,” said Rahimian. “By leveraging Neo4j and graph analytics, we were able to create the Cyber AI Attack Path Modeling (APM) product, an AI-led graph-based tool that provides assessment and unified visualization of cyber risks and attack paths that threaten an organization’s critical assets.”
Losses attributed to cybercrime are expected to reach $10.5 trillion by 2025, growing at a rate of 15 percent annually. Costs include damage and destruction of data, stolen money, theft of intellectual property, personal and financial data, investigation, restoration, and more.
While the digital economy is flourishing, 68 percent of business leaders recognize their cybersecurity risks are also increasing, urging many to invest in the right tools. Gartner predicts the global information security market will reach a staggering $170.4 billion USD by 2022.
Speaking to the dangers of linear thinking in an evolving world of cybercrime, John Lambert, a distinguished engineer at Microsoft Threat, states, “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” Attackers often amplify their efforts with network-based attacks, later hiding their tracks using multiple layers of indirection, delaying investigators, and disrupting traditional technologies built to expose immediate relationships. These powerful methods have the potential to disarm data security teams not equipped with tools capable of detecting such threats.
According to Jim Webber, Chief Scientist at Neo4j, security teams do not consider the system as a whole, whereas attackers examine how assets are connected, detecting a vulnerable part of the network, and navigating through the graph via methods such as “spear phishing.”
“It becomes increasingly more transparent, in an ever-evolving digital landscape, that it is critical to keep pace with cybercriminals and their sophisticated techniques,” said Webber. “Connections in data are core to building modern, intelligent applications, and graphs are really useful for making new, insightful discoveries about your business and customers, whether it’s keeping track of data assets, security analysis, or deeper threat investigation.”
With a graph database, cybersecurity teams can achieve a connected and contextualized view of all their assets, allowing them to understand the network as a whole. Graphs also help to analyze the underlying data, allowing investigators to recognize clusters of correlated alerts as they occur.