If you have ever set foot in a Las Vegas casino, you’ve probably noticed the unbelievable amount of visible security: security guards stationed throughout the casino and cameras in the ceilings, walls and floors, not to mention the security bars, heavy doors, safes and alarms.
Employees go through rigorous background checks before they are hired and are taught to be on high alert looking for suspicious activities from guests and colleagues. The dealers must change tables every now and then and there are very strict rules regarding the exchange of money at the tables. The casino monitors its employees and guests to ensure no one is able to cheat, anywhere.
Yet with all of the apparent security at the casino, people still try, and sometimes even succeed, at stealing from the casino. The casinos would prefer to prevent such acts before they take place, but that’s impossible. There are always new tactics, new devices or a new insider threat.
Sounds familiar, doesn't it?
In the cybersecurity space, companies spend so much time, money and manpower to detect and prevent – forgetting that they will be breached. And when that happens, security teams rarely have the necessary forensic evidence. All they know is it wasn’t there yesterday and they can’t stop it from happening again tomorrow.
So how did casinos solve this problem?
Casinos collect data on everything. Every face that comes in the door, every transaction, every move at every table. And it’s not just gamblers that are under the watchful eye of the casino, employees are watched as well.
By using cameras, the casinos are able to track every step taken by every individual on the casino floor. This helps them to build a profile of an individual and the casino stores this data for months. This means that if a person did something suspicious, the security team can quickly access and inspect everything done by that person over the past few months.
It also means that the moment someone walks in, the casino knows who they are, how much money they won (or most likely lost), what their favorite game is, and what they like to drink. Security cameras at casinos are known to have OCR (Optical Character Recognition) capabilities. They see the cards the gambler gets and know how good a player they are.
Casinos flipped the script
Casinos understood that they need to continuously collect forensic data and that they must be able to analyze it quickly. This approach is called Preemptive Forensics. Casinos collect, model and store data in an accessible manner before the incidents actually occur. Forensic data is just sitting there waiting to be used.
Present-day incident response flows in most companies dictate the alert comes first, then the data collection and only then the investigation. It is time for companies to upgrade their incident response methods to the ones employed by casinos.
This is where SECDO comes in. SECDO is a modern-day incident response platform built around preemptive forensics, allowing the security team to access pre-analyzed data and model it properly in real time. SECDO continuously collects forensic data from devices, such as endpoints and servers, and stores it in a centralized database. Data is automatically modeled in a contextual manner to allow the security team to access the complete forensic narrative when performing investigations.
SECDO collects everything down to the sub-process level (thread level) on every single endpoint and server in the company. Data is stored and retained for months (or years), in the same manner and at the same resolution as the security cameras on the casino floor.
When the security team receives an alert that requires further investigation, they can investigate and find out exactly what happened, how it happened, why it happened, who was involved… all in just a few seconds with SECDO.
Don’t just imagine this kind of visibility and investigation capability – utilize SECDO’s Preemptive Forensics today.