Company

Blogs

Chris Morales

Christopher Morales is Head of Security Analytics at Vectra® Networks, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. He has nearly two decades of information security experience in an array of cybersecurity consulting, sales, and research roles. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes.
Find me on:

Recent Posts

Gain Visibility and Automate Threat Hunting in the Cloud with Gigamon and Vectra

Posted by Chris Morales on Sep 13, 2017 9:00:00 AM

As enterprises migrate to the cloud, strong perimeter defenses are not enough to stop cyber attackers from infiltrating the network. Together, Gigamon and Vectra enable organizations to gain network visibility and automate threat management - providing continuous monitoring of network traffic to pinpoint cyber attacks that evaded perimeter defenses.

Chris Morales, Head of Security Analytics at Vectra joins us to discuss what challenges he sees customers facing when moving to Amazon Web Services (AWS) and how Gigamon and Vectra can help them.

Read More »

Man + machine is the winning combo for combating cyber threats

Posted by Chris Morales on Aug 10, 2017 8:45:00 AM

In the fight against cyber-attacks, time is money. According to the Ponemon institute, the average cost of a data breach is $3.62 million. Reducing the time to detect and time contain an incident can significantly mitigate the cost of a breach, and possibly prevent it.

Maturity level and effectiveness are two of the most important measurements of SOC performance. Maturity reflects an enterprise’s development level regarding its approach to managing cybersecurity risk, including risk and threat awareness, repeatability, and adaptiveness. Effectiveness is a measurement of the SOC’s ability to detect and respond to an incident as it happens.

We conducted a survey.

Read More »

Goldeneye. Petya. WannaCry. It's all ransomware.

Posted by Chris Morales on Jun 27, 2017 5:46:22 PM

We are seeing another outbreak of ransomware that appears to be a combination of previous other ransomware campaigns. As is always the case, criminal gangs learn from each other.

Petya was successful in 2016 using email attack campaigns and a ransomware-as-a-service business model. Wannacry introduced new worm propagation techniques proving highly successful in hitting thousands of systems in a short time span last month.

Read More »

Topics: Cyberattacks, cyber security, Ransomware, AI, WannaCry, petya, goldeneye


How AI detects and mitigates cyber attacks in software-defined data centers

Posted by Chris Morales on Jun 22, 2017 7:47:16 PM

Earlier this month Vectra announced plans to leverage the capabilities of VMware NSX to accelerate the detection and mitigation of hidden cyber attackers in virtualized data centers.

Vectra currently applies artificial intelligence to automatically detect attacker behaviors inside virtualized data centers. Vectra also integrates with endpoint and network response tools to automate the workflow.

Read More »

Topics: Cyberattacks, cyber security, Datacenter, AI


A behind-the-scenes look at how cybercriminals carry out attacks inside enterprise networks

Posted by Chris Morales on Jun 13, 2017 5:16:09 PM

Vectra Networks last week published the 2017 Post-Intrusion Report, which covers the period from January through March. While there are plenty of threat research reports out there, this one offers unique insights about real-world cyber attacks against actual enterprise networks.

Most industry security reports focus on statistics of known threats (exploits and malware families) or give a post-mortem look back at breaches that were successful. The first one looks at threats that network perimeter defenses were able to block and the second lists attacks that were missed entirely. 

Read More »

Topics: Cyberattacks, cyber security, Security Analytics, AI


Vectra detection and response to WannaCry ransomware

Posted by Chris Morales on May 16, 2017 8:59:36 AM

Vectra Threat Labs analyzed the WannaCry ransomware to understand its inner workings. They learned that while the way it infects computers is new, the behaviors it performs are business as usual.

WannaCry and its variants behave similarly to other forms of ransomware that Vectra has detected and enabled customers to stop before experiencing widespread damage. This is a direct benefit of focusing on detecting ransomware behaviors rather than specific exploits or malware. Many of WannaCry’s behaviors are reconnaissance and lateral movement on the internal network, within the enterprise perimeter.

Read More »

Topics: Cyberattacks, cyber security, Ransomware, cyber security gap, AI, cyber defense, WannaCry


Fighting the ransomware pandemic

Posted by Chris Morales on May 12, 2017 5:00:14 PM

What just happened?

A ransomware attack is spreading very rapidly among unpatched Windows systems worldwide. This morning, the attack was initially believed to target the UK National Health Service, but throughout the day, it has become apparent this is a global attack.

Kaspersky labs reported on Friday afternoon that at least 45,000 hosts in 74 countries were infected. Avast put the tally at 57,000 infections in 99 countries. All this, during just 10 hours. Of those infected hosts, Russia, Ukraine and Taiwan were the top targets.

Read More »

Topics: Cyberattacks, cyber security, Ransomware, Threat Labs, AI, Attacker Detection, threat research, bitcoin, Windows vulnerability, attacker behavior, shadow brokers


How to win the cybersecurity battle in healthcare

Posted by Chris Morales on May 3, 2017 6:11:22 PM

Risky business

There is some startling data in the 2017 Verizon Data Breach Investigation Report. What stood out to me as most concerning is that more breaches occurred in healthcare this year than last year. After reviewing the report, I see three key trends.

  1. The real threat is already inside healthcare networks in the form of privileged access misuse
  2. When healthcare organizations are hit from the outside, it is usually ransomware extorting them for money
  3. The growth in healthcare IoT is overwhelming and dangerous
Read More »

Topics: Cyberattacks, artificial intelligence


AI: Is science fiction on a collision course with science fact?

Posted by Chris Morales on Mar 30, 2017 3:48:43 PM

Sometimes science fiction becomes less fantastic over time than the actual reality. Take the film Ghost in the Shell, for example, which hits the big screen this week. It’s an adaptation of the fictional 28-year-old cult classic Japanese manga about human and machine augmentation.

Read More »

Topics: cyber security, machine learning, artificial intelligence


Don't let your cybersecurity vendor leave you vulnerable

Posted by Chris Morales on Mar 23, 2017 12:57:20 PM

The U.S. Computer Emergency Readiness Team (US-Cert) issued a warning last week stating HTTPS interception weakens TLS security. As the use of encryption for privacy has increased, the security industry has responded by intercepting and decrypting SSL sessions to perform deep-packet inspection (DPI).

Read More »

Topics: Cyberattacks, SSL Encryption, cyber security, security architecture


Subscribe to the Vectra Blog



Recent Posts

Posts by Topic

Follow us