Malwarebytes today launched a malware removal service that makes first responders in the form of cybersecurity professionals available on-demand to organizations currently under cyberattack.
Kevin Latimore, enterprise malware removal specialist for Malwarebytes, said the Malwarebytes Malware Removal Service (MRS) will enable organizations to make up for a chronic shortage of cybersecurity expertise when they need it most. As those threats become more polymorphic, Latimore noted that the level of expertise required to remove malware successfully is also increasing.
In addition, the number and types of endpoint devices that might be compromised have also sharply increased, which Latimore said creates an attack surface that is not only hard to defend but also extremely difficult to remediate in a timely manner.
While organizations have been making use of Malwarebyte tools on their own to remove malware for years, the nature of the threats being faced now often requires experts that can remediate an issue both faster and more thoroughly, he added.
The latest report from Malwarebytes Labs shows that in the first quarter of 2019, overall threats against businesses have increased more than 200% year over year. Like most cybersecurity vendors, Malwarebytes is investing in artificial intelligence (AI) to mitigate the current skills shortage. However, it’s not likely AI will eliminate the need for cybersecurity professionals anytime soon—most AI tools are focused on narrow use cases for applying machine learning and deep learning algorithms that are intended to augment the capabilities of cybersecurity professionals.
The challenge most organizations face today is finding and retaining those cybersecurity professionals. The Malwarebytes service helps reduce some of that pressure by making sure that in an organization’s worst time of need, there is a team of cybersecurity first responders always available, said Latimore. In the case of MRS, it’s also worth noting every minute an organization spends cleaning up after a malware attack is less time that organization could be applying to other IT projects that add real value to the business.
There are, of course, any number of third-party professional services firms that make cybersecurity expertise available. The issue that many internal IT organizations will need to decide is whether and how much they will prefer to continue relying on third-party services versus a service provided by Malwarebytes directly.
In the meantime, the number of targeted attacks being launched against endpoints continues to increase. Many of those attacks employ phishing techniques to deliver ransomware to unsuspecting end users. Once one endpoint is compromised, it can take only minutes for the malware to encrypt data as the ransomware attack spreads. Organizations that opt not to pay ransomware can make use of the Malwarebytes service to remove ransomware as part of the first step to recovery, noted Latimore.
It’s unclear to what degree cybersecurity will be transformed from being a response to an event versus becoming a continuous process delivered as a service. As the amount of time and energy being applied to maintaining cybersecurity continues to increase, many organizations will decide to rely on a cybersecurity service as their first line of defense.