Businesses are not prepared for advanced malware. This may seem like a harsh statement but as this week’s POS breach at Chipotle showed us, it is true. According to the 2017 Verizon Wireless Data Breach Report, over half (51%) of breaches included malware and 66% of that came through malicious email attachments.
In the world of cyber security and cyber defense, there is uneven playing field between the good guys and the bad actors. Why? First of all, bad actors have the advantage of making the first move. Second, they know more about you than you do about them. There is only one of you and there are thousands of them. For example, they have the ability to, find out if you’re running a sandbox and then create malware that evades the sandbox.
The past ten years have been spent developing security controls that we have layered on top of each other. However, instead of increasing our security we have further complicated the battlefield by adding cost, complexity and still not preventing attacks. IT organizations and the threat defense market are learning that there is no such thing as 100% prevention and in an effort to close this security gap, organizations are attempting to mitigate risk with human resources.
Teams of analysts are now scouring event logs to identify malicious activity on the network but are finding it to be an impossible task to find trained humans that can do this work. Even if they are fortunate enough to hire a trained team, they find that it takes too long to respond to threats once they are in the network. Meanwhile, IT organizations are being pressured by lines of business and management to be more innovative and adopt technologies like cloud computing and BYOD that further increase the business’ risk posture.
If we are ever going to even out the battlefield we need a new approach to security. The question is no longer how to prevent infections and malware but, “How do we live in a compromised world?” and “How do we catch infections before they result in a data breach?” The answer – lower your risk of a data breach. As an example of how to do this, companies like Melaleuca, a wellness product manufacturer in Idaho, have both physical and virtual security measures in place to protect their servers from attack. This ensures Melaleuca.com is safe from security breaches. But more needs to be done.
The answer isn’t in malware analysis but in big data science. In our whitepaper, we discuss:
Understanding the threat cycle
Building a Breach Prevention Platform
Leveraging Big Data
And we give you more details on three different types of profiling
STAY IN THE LOOP
Subscribe to our free newsletter.
One of the hottest debate topics in today’s COVID-19 world is the proper balance of public safety with personal privacy. The latest actor to take center stage in that discussion is “Artificial Intelligence”. With so much of the world still in quarantine, including law enforcement personnel, governments are turning to technology to help fill in […]
Vulnerabilities Are On The Rise: Secure Your Business Now The reliance of businesses on data and information transmitted via cyberspace was never so high. While the data explosion has made organizations more effective and profitable, it has presented them with new security risks and challenges. Just as protecting your home against trespassers is important, securing […]
It’s not just the bad actors that we at Core Security want to protect you from – we also want to protect you from yourself. It’s all hands on deck when it comes to securing your systems and the systems you interact with on a daily basis. Everyone personally has, on average, four devices to […]
Late last year the New York State of Financial Services (DFS) announced that New York would be proposing a “first in the nation” rule on cyber-security to go into effect on March 1, 2017 which would impact any bank, insurance company and anyone else covered by DFS. The rule requires any regulated company design a […]