A variety of large breaches at TalkTalk, Vodafone, Hilton and others are evidence of the alarming security gap in almost all networks. Most security vendors focus on preventive technologies that aim to keep malware from entering your network; little attention has been given to the period between when an infection begins and when it is detected.
The trick for controlling risks is to strike the right balance between prevention and detection.
Introducing ‘egress monitoring’
As it turns out, while trying to detect or block an initial security breach is extremely difficult because of the sheer number of attack vectors, looking out for suspicious traffic leaving your network is actually a very good way of identifying malicious activity.