This video helps illustrate how attackers operate, how they can be stopped, and how security enables organizations to take advantage of cloud, mobile and social technologies.

Massive security breaches happen every day, leaving organizations with compromised data, inaccessible services and billions of dollars' worth of damage. Security teams require a smarter, more intelligent security approach to protect their people, data, applications and infrastructure, including mobile and cloud.

A Guide to Cyber Security

Massive security breaches at some of the world’s largest organizations happen every day, leaving behind a wake of compromised data, inaccessible services and billions of dollars in damages.

Long gone are the days of simple viruses and worms. Today’s heists are the result of sophisticated teams with specific goals. Attackers use several techniques to break in. They exploit weaknesses on websites, place infected apps in app stores or send handcrafted e-mails with dangerous attachments. When the file is opened, malware installs on a user’s device where it can hide for months.

Without the right security in place, the user suspects nothing and security tools detect nothing. The attackers are now inside the organization. They use this position to infect other computers on the network and search for usernames and passwords that give them access to sensitive information such as credit card numbers, product designs or sales figures. They copy the stolen information to a remotely accessible server, wait for the opportune moment, then download it and destroy all records of the attack.

Not that long ago security professionals could focus their efforts on building a strong perimeter around the enterprise. They installed protection on the edge of the network and placed security software on employees’ computers. A monthly audit told them if safeguards were operating properly. This approach is no longer sufficient because there is no perimeter.

Business happens everywhere. Employees access applications from smartphones, and developers provision cloud resources on demand. Security must travel with the user and the data, especially outside the walls of the organization.

Instead of evolving their practices, organizations layer on more and more tools from multiple vendors, each one claiming to solve a new part of the problem. These isolated tools are unable to prevent new breeds of attack and can’t provide the security team a view of what’s going on across the enterprise.

Organizations need a new, intelligent approach to protect people, data, applications and infrastructure wherever they reside. They need to harden their defenses before an attack, detect and prevent breaches during an attack, and quickly respond to incidents after an attack.

Before an attack, the security team needs to fix vulnerabilities in their applications, endpoints and network. Using traditional scanning methods, they can't remediate the thousands of weaknesses that are discovered. Instead, they need to reduce them to a manageable number based on priority and context, understanding what's patched, what's already defended against, what's actively exploited and what's most accessible to an attacker.
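One way to turn that context into a ranked work queue, as an added example that is not part of the original page: a scoring routine that drops patched findings, boosts actively exploited and internet-facing ones, and defers those already covered by a compensating control. The findings, identifiers and weights are constructed for illustration.

```python
# Added example (not from the original page): reducing a raw scan list to a
# ranked, manageable work queue using the context the text lists. Findings,
# identifiers and weights are constructed for illustration.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Finding:
    host: str
    vuln_id: str           # placeholder ids, not real CVE numbers
    cvss: float            # base severity, 0-10
    patched: bool          # fix already deployed on this host
    defended: bool         # compensating control (e.g. IPS/WAF rule) in place
    active: bool           # exploitation currently seen in the wild
    internet_facing: bool  # reachable by an outside attacker

def priority(f: Finding) -> Optional[float]:
    """None means already remediated; otherwise higher is more urgent."""
    if f.patched:
        return None
    score = f.cvss
    if f.active:
        score += 3.0           # actively exploited beats theoretical severity
    if f.internet_facing:
        score += 2.0           # most accessible to an attacker
    if f.defended:
        score -= 4.0           # already defended against: fix later, not never
    return max(score, 0.0)

def triage(findings, limit=3):
    """Return the top `limit` open findings as (score, finding), best first."""
    scored = [(priority(f), f) for f in findings]
    open_items = [(s, f) for s, f in scored if s is not None and s > 0]
    open_items.sort(key=lambda sf: sf[0], reverse=True)
    return open_items[:limit]

# Constructed scan output for a small estate.
SAMPLE = [
    Finding("web01", "VULN-PLACEHOLDER-1", 9.8, True, False, False, True),
    Finding("web01", "VULN-PLACEHOLDER-2", 7.5, False, False, True, True),
    Finding("db01", "VULN-PLACEHOLDER-3", 9.0, False, True, False, False),
    Finding("hr-laptop", "VULN-PLACEHOLDER-4", 5.5, False, False, True, False),
    Finding("intranet", "VULN-PLACEHOLDER-5", 4.0, False, True, False, False),
]
```

Note that the critical-looking 9.8 on web01 never reaches the queue because it is already patched, while the 7.5 that is both exploited in the wild and internet-facing comes out on top.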

Organizations also need to identify and authorize users, paying special attention to privileged accounts with access to their crown jewels. It’s critical they identify, monitor and control access to their most valuable data, whether it’s in a database in the data center or in the cloud, and detect who is accessing what from where and when.

They also need to secure mobile devices with strong passwords, keep corporate data in a safe mobile container, and have the ability to wipe the container if the device is lost or stolen. When done right, cloud and mobile offer an opportunity to bring security closer to the user and the data, transforming security practices throughout the enterprise.

During an attack, the security team relies on tools to detect and block threats in real time. But outdated methods of prevention that look for known patterns of malicious code are not keeping up. Attackers have learned to mutate their code to defeat pattern-matching technology.

Since these tools are looking for an identical replica, the attack goes undetected. Instead of relying on patterns, a better approach looks for changes in the behavior of your application, either across the network or on the endpoint.

In order to do this effectively, you need a solution to analyze hundreds of network protocols, thousands of applications and data from millions of endpoints, continuously feeding updated threat information from the cloud to your defenses. The security team also needs to spot anomalies and subtle indicators of an attack. They need to be alerted to activity that falls outside of normal patterns of time, location, user and network behavior.

Consider, for example, an attempt by a trusted employee to transfer thousands of files across the world in the middle of the night. Detecting this requires tools that collect and analyze massive amounts of data in real time from the security infrastructure and beyond, including log and event data, network flows, vulnerability and configuration information, identity context, threat intelligence and more. It requires big data analytics; it requires security intelligence.
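The night-time bulk transfer described above, as an added example that is not part of the original page: a small baseline-and-deviation check, run over constructed log lines, that alerts only when an event deviates on at least two of time, location and volume for that user. The log format, field names and thresholds are assumptions.

```python
# Added example (not from the original page): spotting a bulk file transfer
# that falls outside a user's normal pattern of time, location and volume.
# The log lines and thresholds below are constructed for illustration.
from datetime import datetime
from statistics import mean, pstdev

# Constructed transfer log: timestamp, user, source country, files moved.
LOG = """\
2024-03-04T09:12:00 alice US 12
2024-03-04T14:30:00 alice US 8
2024-03-05T10:05:00 alice US 15
2024-03-05T16:40:00 alice US 9
2024-03-06T11:20:00 alice US 11
2024-03-04T08:50:00 bob US 300
2024-03-05T09:10:00 bob US 280
2024-03-06T08:45:00 bob US 310
2024-03-07T09:05:00 bob US 1400
2024-03-07T02:47:00 alice RO 4200
"""

def parse(log):
    events = []
    for line in log.splitlines():
        ts, user, country, files = line.split()
        events.append({"ts": datetime.fromisoformat(ts), "user": user,
                       "country": country, "files": int(files)})
    return sorted(events, key=lambda e: e["ts"])

def detect(events, min_history=3, z_threshold=3.0, min_reasons=2):
    """Score each event against that user's earlier events only, so the
    suspicious event never shapes its own baseline; alert on >= min_reasons."""
    history, alerts = {}, []
    for e in events:
        prior = history.setdefault(e["user"], [])
        if len(prior) >= min_history:
            reasons = []
            hours = [h["ts"].hour for h in prior]
            if not min(hours) <= e["ts"].hour <= max(hours):
                reasons.append("unusual-hour")
            if e["country"] not in {h["country"] for h in prior}:
                reasons.append("new-location")
            counts = [h["files"] for h in prior]
            mu, sd = mean(counts), pstdev(counts)
            if e["files"] > mu + z_threshold * max(sd, 1.0):
                reasons.append("bulk-volume")
            if len(reasons) >= min_reasons:
                alerts.append((e, reasons))
        prior.append(e)
    return alerts
```

With the sample log, only alice's 02:47 transfer from a new country fires; bob's unusually large but on-hours, in-country transfer deviates on volume alone and stays below the alert threshold.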

Despite best efforts, breaches occur and security teams need to know everything happening across the enterprise to respond immediately with a clear answer. They need to investigate incidents using a single view of log data, network traffic and security information across thousands of systems. They can then build evidence or rewind and replay activity to understand what really happened.

They also need access to experts with unique skills to investigate the scope of the intrusion and then prescribe a remedy that will keep the organization safe in the future. With no end in sight, organizations must move fast. Security teams have to be on guard 24/7, 365 days a year, both in the cloud and on mobile devices.
