We’re at the point in the evolution of the security industry where traditional endpoint protection products and services simply no longer work to provide more than a base level of security against known threats.
The massive companies who continue to fall victim to breaches have doubtless spent millions on security, but the one thing they haven’t been able to adequately address yet is how to identify and block unknown threats like new malware variants, new packing and obfuscation techniques, zero-days and more.
The multi-billion-dollar question all these organizations are now asking is this: how can we prevent an attack from succeeding before we even know the threat exists?
From a CISO’s point of view, it’s up to the leaders of each company, large or small, to figure out the best way to protect their customers, employees, and their shareholders. The size of the organization doesn’t really matter – what matters is the technologies and processes they deploy to best protect critical systems and data.
One reason we can’t get ahead as an industry is that the vast majority of companies still employ traditional, signature-based antivirus (AV) software. The industry as it stands is overwhelmingly reactive – the security vendor has to see a piece of malware first, categorize it, classify it, then manually create protective signatures and push updates to protect against it, in the hope that customers will get those updates before an adversary targets them.
The downside to that traditional way of working is that it is highly likely that some customers who have bought into that reactive approach will get infected each time a new malware variant is born – and there are thousands of new pieces of malware created each and every day, 365 days a year. So,
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Videos. Read the original post at: https://threatvector.cylance.com/en_us/home/when-even-massive-organizations-fall-victim-to-cyberattacks.html