Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do

After more than 20 years of underwhelming results, security leaders have accepted their intrusion detection system (IDS) programs as no more than a compliance checkoff. It’s no secret that IDS’s reliance on bi-modal signatures is brittle, easily evaded and often referred to as an “alert cannon.” Time has not been kind to IDS and has created wide security gaps.

With low IT budgets and the rise of the cybersecurity jobs crisis, organizations are in need of a centralized way to optimize workflow by integrating detection, investigation and response into a single tool. And that’s not to mention the lack of coverage traditional IDS solutions provide. According to the Verizon 2020 Data Breach and Incident Response (DBIR) report, out of 3,000 investigated breaches, 97.5 percent were caused by attacks that IDS wasn’t designed to detect.

To combat the outdated nature of IDS, organizations should adopt next-generation IDS (NG-IDS) to fulfill the defense-in-depth promise unmet by legacy IDS. NG-IDS is effective against more types of attacks and fills glaring decryption and cloud compliance gaps while improving security.

IDS Erosion Over Time

IDS boomed in the ’90s as security frameworks like the SANS 20 Critical Security Controls and mandates like PCI DSS called out IDS by name. But even after a quarter of a century of IDS innovation and adoption across many enterprises, the same challenges persist. NIST 800-94, written in 2007, calls out the top challenges of that time, including…