CUSTOMISED ENTERPRISE SOLUTIONS

CYBER SECURITY

IOT

SURVEILLANCE

What's NEW

Threat Detection & Response in Minutes - Not Months

TOM SHAW would like to welcome our new partner in Gold Standard Automated Threat Detection, Vectra AI.
Finding Clarity in the Noise: Visibility and AI in an Age Plagued by Security Threats.

As threats become more prominent, it’s important to pose the question: what actually brings clarity? It’s a question that we can struggle with, but we may simply not be approaching it in the right way.

This is a time when major companies are making headlines for all of the wrong reasons. Latitude Financial, the financial services provider operating across Australia and New Zealand, has released details of a cyber attack and data breach that has impacted 225,000 of their customers.

In such a state, visibility is fundamental, with

Try Us Out

Threat Detection & Response in Minutes - Not Months

TOM SHAW would like to welcome our new partner in Gold Standard Automated Threat Detection, Vectra AI.
Finding clarity in the noise: Visibility and AI in an age plagued by security threats.

As threats become more prominent, it’s important to pose the question: what actually brings clarity? It’s a question that we can struggle with, but we may simply not be approaching it in the right way.

This is a time when major companies are making headlines for all of the wrong reasons. Latitude Financial, the financial services provider operating across Australia and New Zealand, has released details of a cyber attack and data breach that has impacted 225,000 of their customers.

In such a state, visibility is fundamental, with the likes of artificial intelligence (AI) arming us with greater ability to understand our attack surface and catch threats fast.

Bringing unknowns into the light to improve security posture

Let’s first consider unknowns. The last couple of years have led to significant changes in how we work, and these changes have led to a larger attack surface, more vulnerabilities and exploits, more tools and alerts, and smaller, more overworked teams. Meanwhile, attackers are more evasive and more sophisticated in their infiltration methods.

Try Us Out

What We Do

NOBLE1

The world’s first User Centric Cyber Insight. Simplify complex signals with Real-Time data, communicate cyber risk confidently and make data driven business decisions

STEALTH CONNECT

A secure IOT solution to EXTRACT data from unlimited assets, PREDICT asset behaviour, ANALYSE events and NOTIFY solutions in Real-Time

AUTOMATED ROBOTICS

Automated Robotics Division, tailor made to fit Enterprise, Government and Military needs

Our Vision

TOM SHAW’s mission is to make the complex, simple.

Established in 2020, TOM SHAW is a rapidly expanding Thought Leader built on old world values, with a vision to develop ground breaking designs for the future. By combining powerful IoT technology with data science and real world expertise, we specialise in integrating commercial and industrial solutions, bringing the old, into the new.

At TOM SHAW, everything we do centers around transparency, which is why we have built an open source platform with no vendor lock or proprietary limitation.

This is to encourage purpose driven solutions in all industries, especially in the military, where we can unify their networks and sensors to power war fighters, vehicles and machinery such as drones. Using shared data across all domains, our powerful platform can be implemented across cyber, land, sea, air and space, then enhanced with the rapid integration of artificial intelligence, machine learning, predictive analytics, and other emerging technologies.
Our TOM SHAW Team welcome any questions you may have …
Our TOM SHAW Team welcome any questions you may have …

Finding clarity in the noise: Visibility and AI in an age plagued by security threats.

As threats become more prominent, it’s important to pose the question: what actually brings clarity? It’s a question that we can struggle with, but we may simply not be approaching it in the right way.

This is a time when major companies are making headlines for all of the wrong reasons. Latitude Financial, the financial services provider operating across Australia and New Zealand, has released details of a cyber attack and data breach that has impacted 225,000 of their customers.

In such a state, visibility is fundamental, with the likes of artificial intelligence (AI) arming us with greater ability to understand our attack surface and catch threats fast.

Bringing Unknowns Into the Light to Improve Security Posture

Let’s first consider unknowns. The last couple of years have led to significant changes in how we work, and these changes have led to a larger attack surface, more vulnerabilities and exploits, more tools and alerts, and smaller, more overworked teams. Meanwhile, attackers are more evasive and more sophisticated in their infiltration methods.

It’s true that oftentimes our attack surface is far larger than we assume. It’s not an uncommon statistic to only see 50% of assets logged as endpoints, with the additional IP addresses routers, switches, printers, cameras, telephones and other services. These additional IP addresses could be personal devices on a guest network, cloud computing services and container workloads, or even traditional server application services that are running hosts of activities that aren’t being monitored.

Gaining visibility over an attack surface means understanding threat vectors that sit beyond what you as a company own. Consider unauthorised access. An increasingly common term, this refers to the act of gaining access to a computer system, network or application without express permission or authorisation – as the name suggests.

As was recently reported, Commonwealth Bank of Australia’s Indonesian unit was recently heavily impacted by an incident involving unauthorised access of a web-based software application used for project management. Similarly, AT&T has recently publicly announced that back in January, an unauthorised person breached a vendor’s system and gained access to the company’s Customer Proprietary Network Information (CPNI).

Gaining visibility and clarity through expert tooling reduces the burden on security teams and greatly improves an organisation’s ability to understand threats and remediate them quickly and effectively.

The Role of Artificial Intelligence in Visibility and Security

AI is a powerful tool in driving signal clarity and maximising the use of our now more visible attack surface. AI enhances signal clarity by allowing us to zero in on the behavioural aspect of attacks and considering all possible infiltration points.

Attackers may also be utilising AI or automation to speed up their attacks, but this doesn’t inherently change their behaviour. There are still certain actions they need to take to compromise a network, and these behavioural markers are what we can pick up on.

We hear from many organisations that they receive far too many false positives from their security tooling and security teams are inundated with information that they don’t know what to do with. Leveraging AI is not about replacing a human being, it’s about making what we do far more efficient and clarified.

Responding to Threats to Protect our Systems and People

When it comes to response, we must know what to do with the attack alerts that come through, otherwise all our clarity is for nothing.

First, we determine what the attack is, and second what to do about it. There can’t be a blanket rule, we must be flexible, but we can create repeatable procedures that have flexibility built in. Metrics such as meantime to remediation can showcase the value and benefit of AI in terms of real outcomes and returns.

Moving forward we expect to see CISOs and security leaders invest more into tooling that improves efficiencies and supports security teams in sifting through alerts and uncovering threats in a sprawling and broad attack landscape. The solutions are there, and they’re getting better all the time, it’s just understanding what they are and how they can be integrated for maximum benefit.

Are you ready to respond and erase the unknown threat?

Finding clarity in the noise: Visibility and AI in an age plagued by security threats.

As threats become more prominent, it’s important to pose the question: what actually brings clarity? It’s a question that we can struggle with, but we may simply not be approaching it in the right way.

This is a time when major companies are making headlines for all of the wrong reasons. Latitude Financial, the financial services provider operating across Australia and New Zealand, has released details of a cyber attack and data breach that has impacted 225,000 of their customers.

In such a state, visibility is fundamental, with the likes of artificial intelligence (AI) arming us with greater ability to understand our attack surface and catch threats fast.

Bringing Unknowns Into the Light to Improve Security Posture

Let’s first consider unknowns. The last couple of years have led to significant changes in how we work, and these changes have led to a larger attack surface, more vulnerabilities and exploits, more tools and alerts, and smaller, more overworked teams. Meanwhile, attackers are more evasive and more sophisticated in their infiltration methods.

It’s true that oftentimes our attack surface is far larger than we assume. It’s not an uncommon statistic to only see 50% of assets logged as endpoints, with the additional IP addresses routers, switches, printers, cameras, telephones and other services. These additional IP addresses could be personal devices on a guest network, cloud computing services and container workloads, or even traditional server application services that are running hosts of activities that aren’t being monitored.

Gaining visibility over an attack surface means understanding threat vectors that sit beyond what you as a company own. Consider unauthorised access. An increasingly common term, this refers to the act of gaining access to a computer system, network or application without express permission or authorisation – as the name suggests.

As was recently reported, Commonwealth Bank of Australia’s Indonesian unit was recently heavily impacted by an incident involving unauthorised access of a web-based software application used for project management. Similarly, AT&T has recently publicly announced that back in January, an unauthorised person breached a vendor’s system and gained access to the company’s Customer Proprietary Network Information (CPNI).

Gaining visibility and clarity through expert tooling reduces the burden on security teams and greatly improves an organisation’s ability to understand threats and remediate them quickly and effectively.

The Role of Artificial Intelligence in Visibility and Security

AI is a powerful tool in driving signal clarity and maximising the use of our now more visible attack surface. AI enhances signal clarity by allowing us to zero in on the behavioural aspect of attacks and considering all possible infiltration points.

Attackers may also be utilising AI or automation to speed up their attacks, but this doesn’t inherently change their behaviour. There are still certain actions they need to take to compromise a network, and these behavioural markers are what we can pick up on.

We hear from many organisations that they receive far too many false positives from their security tooling and security teams are inundated with information that they don’t know what to do with. Leveraging AI is not about replacing a human being, it’s about making what we do far more efficient and clarified.

Responding to Threats to Protect our Systems and People

When it comes to response, we must know what to do with the attack alerts that come through, otherwise all our clarity is for nothing.

First, we determine what the attack is, and second what to do about it. There can’t be a blanket rule, we must be flexible, but we can create repeatable procedures that have flexibility built in. Metrics such as meantime to remediation can showcase the value and benefit of AI in terms of real outcomes and returns.

Moving forward we expect to see CISOs and security leaders invest more into tooling that improves efficiencies and supports security teams in sifting through alerts and uncovering threats in a sprawling and broad attack landscape. The solutions are there, and they’re getting better all the time, it’s just understanding what they are and how they can be integrated for maximum benefit.

Are you ready to respond and erase the unknown threat?