Following the news that Regulators tell big banks to toughen cyber security, Balázs Scheidler co-founder and CTO of BalaBit commented below.
Balázs Scheidler, Co-Founder and CTO at BalaBit:
“Tough regulations are coming to the financial sectors, requiring a recovery time of a maximum of two hours after a breach. In order to achieve these numbers, one needs a combination of two things: forensic grade monitoring in order to acquire information/details about the breach, and automation in how we provision and manage our systems. The first will give us the clue and background on the scope of the breach, the second the ability to respond by redeploying from a “known-good” state. IT automation is not only important because of cost, rather due to the less manual work involved, it also makes it possible to comply to regulations easier and to keep the agility when a breach happens.”
Balázs Scheidler is a co-founder and CTO of BalaBit. Balazs has been engaged with IT security and software engineering for almost two decades now, during this time he helped create a series of security related products such as syslog-ng (log management), Shell Control Box (privileged activity monitoring), Blindspotter (user behavior analytics) and Zorp (firewall). Balazs is married, is a father of two boys and as a free software freak, he still contributes to syslog-ng. He is an initiator of numerous Linux related projects, he is regarded by members of the open source community as subject matter expert. He is the “father” of syslog-ng, a trusted log management solution, which open source version is used in more than 1 million installations worldwide, including several Linux distributions such as Debian, openSuse, is a default log collection tool in Amazon Kindle Fire, and used by companies like Facebook and the Computing Centre of the National Institute of Nuclear Physics and Particle Physics (CC-IN2P3). He is a technology freak, his interest includes logging, proxy-based gateway technologies and user behavior analytics, big data analytics.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.