Cybels Maps for a dynamic appraisal of information system risks

Thanks to Big data technologies, administrators can now consult a complete, constantly updated map of their information systems, significantly improving their ability to track, analyse and respond to cyberattacks.

Unusual data flows, unexpected situations or disruptions to an information system — how should companies respond to a suspected or actual cyberattack? When this occurs, it is essential that the right steps are taken to regain control without creating any additional risks. It is equally important to determine exactly how and when the attack was carried out.

Thales’s dedicated Rapid Response Team has successfully intervened for large numbers of private companies and public-sector organisations, offering a complete range of cybersecurity solutions and helping them take appropriate action straight away and subsequently rebuild their systems that come under attack.

An innovative approach

Known as Cybels, the solution leverages the benefits of Thales’s proprietary Big data technologies and includes a powerful tool called Cybels Maps, which uses sophisticated algorithms to analyse tens of millions of log entries to automatically reconstruct all data flows within the network. To perform such an operation manually would be impossibly time-consuming and fraught, especially in the event of a cyberattack, given the complexity and constantly evolving nature of information systems today.

Using advanced visual analytics techniques, Cybels Maps is a highly effective decision-support tool for security operators. Via a simple graphic representation of all components of the information system, any unusual data flows — such as internet communications outside the normal access gateways, for example – are quickly and easily detected. It is also possible to view a graphic representation of data flows for a specified time period, such as weekends, when certain types of exchanges are not expected to occur. Cybels Maps identifies anything unusual on the network, whether in terms of the type of activity or the number of times it occurs, and alerts operators, enabling them to respond quickly, as soon as anomalies are detected.

A complete toolkit

Derived from R&D work by the CeNTAI research unit (Centre de Traitement et d’Analyse de l’Information), Cybels Maps is just one of the tools in the Rapid Response Team’s toolkit. Subscribers have the assurance that the team are on hand to intervene within the shortest possible timeframe. Cybels Maps is available as a service to rapidly diagnose problems and alert operators to unexpected situations.

In today’s environment of all-pervasive cyberthreats, companies have a whole armoury of tools at their disposal to minimise the impact of an attack — which will inevitably happen, sooner or later, given the intrinsic vulnerabilities of all information systems and related equipment, applications, etc. A highly effective addition to the Cybels range, Cybels Maps further consolidates Thales’s leadership in the search for comprehensive solutions to protect and secure its customers’ information systems.

Further reading:
Security services on thalesgroup.com