Up until now, security has been mostly a catch-up game. A vulnerability is discovered, a patch is issued and applied, and so on and so forth.
However, as with all catch-up games, it will inevitably fail. By the time a new threat has taken hold, or the vulnerability has been found, it is too late. Companies will have been breached, and information or money stolen.
So says Lutz Blaeser, MD of Intact Security, adding that catch-up is a deadly game where security is concerned, and companies that are playing the game are coming off second best.
“The only hope businesses have in successfully defending themselves is by being pro-active, instead of reactive, he says.” Any business that sees security as an afterthought will soon be in big trouble. Security must be considered at the starting point, aligned to business objectives, and built in at development level so that it is integrated into every process, and every aspect of the company.”
He adds that a powerful security solution is part of the basic protection all companies should employ, but that security goes much further than that.
“Security should not only include virus protection and a spam filter, firewall and real-time protection against online threats, but proactive policies and strategies that will close any software security holes. Companies need to be clear about the dangers out there. Knowing what scams and tricks cybercriminals use is the only way they can protect themselves against these.”
Another area which companies should look out for, is the reliance on the same methods, tools, technologies and techniques to detect, remove and blacklist malware. “Today’s threats aren’t the relatively straightforward worms and viruses we saw a decade ago. They are highly complex and sophisticated, using many different vectors and weaknesses to penetrate the organisation.”
Because of this, blocking malware as it enters the network is no longer effective. Thousands of threats bypass intrusion prevention and firewalls on a daily basis, proving that evading traditional defences is child’s play for many threat actors out there.
“Today’s malware authors are very clever. They write malware that appears normal, allowing it to easily slip through security nets. Today’s malware often has no recognisable signature, or pretends to be from a reliable source,” Blaeser explains. “In addition, it won’t display any anomalous behaviour, and therefore, will set off no alarms.”
With around three new pieces of malware being written every second, a number that is growing exponentially, we can be sure of one thing, says Blaeser: “Cybercrooks know what they are doing. They are writing successful code that is infiltrating the business and is making them money.”
At the same time, he says, it is apparent that traditional tools and methods for fighting malware are failing. Malware is successfully bypassing intrusion prevention, firewalls and gateways and is getting inside.
“Cybercriminals are increasingly looking to cloud technology as a means of concealing assaults, carrying out website attacks or loading malware dynamically onto infected PCs, for example. As attacks grow in sophistication and frequency, our defences must do the same.
“Security is a many-layered entity, and relying only on one element of the entire process will keep providing cybercriminals with a way into company networks. A holistic, comprehensive approach is the only way to win the war,” Blaeser concludes.