When it Comes to Malware Think Like Bond “Trust No One”
If you’ve ever watched a Bond movie you know that James Bond has a trust complex. Whether it’s M, MI6, or a femme fatale – Bond always gets into trouble when he trusts the wrong person (i.e., Vesper Lynd in Casino Royale). Arguably though, it’s this instinct to “trust no one” that’s kept him alive through 25 films.
And much like the omnipresent Spectre, global cybercrime continues to adapt and innovate with a lethal effect. The recent spike in ransomware attacks over the past 6 months demonstrates cybercrime’s increasing sophistication. Thousands of new strands of zero-day malware are created every day, and signature-based protections which rely upon reactive catalogs of threats can’t keep pace. Likewise, sandboxing files to diagnose them takes time and can fail to identify sophisticated malware that knows when it is being evaluated.
Without an up-to-date security framework in place, user credentials can be compromised and sensitive data can be stolen whether through internal negligence, such as an exposed AWS S3 bucket or through malicious intent. Cloud applications and bring-your-own-device (BYOD) can serve as proliferation points for malware when they are not properly secured. Unprotected personal devices can upload infected files to corporate SaaS applications, which can then spread malware to other devices and connected apps.
That’s where Bond’s ‘trust no one’ approach comes in and why it’s so important to implement a Zero Trust security model. Unlike traditional approaches, where an attacker can exploit cyber weaknesses upon gaining access inside a network segment perimeter, zero trust treats the identity of each user, application, device, and data stream as its own independent ‘perimeter,’ allowing granular access policy enforcement. As a result, rigorous security enforcement continues even if hackers compromise a corporate network — malware gets blocked from traversing between user accounts, devices, applications, and networks.
According to the 2021 Bitglass BYOD Security Report, 41% of organizations rely on endpoint malware protection for BYOD — an approach that is not ideal for personal devices which are hard to control and manage. Cloud-based malware protection tools are often a far better fit but are used far less often. Unfortunately, 30% of organizations don’t protect against malware for BYOD at all.
Implementing advanced threat protection (ATP) as part of a zero trust SASE architecture is an important step in proactively blocking known and zero-day threats. AI, behavior-based protections, and integrating a choice of best-of-breed vendors such as CrowdStrike, Bitdefender, or Cylance ensures fast and robust threat protection across all types of apps, devices, and infrastructure.
So when you’re watching the newest Bond film “No Time to Die”, think about how different the world would be if we could finally defeat cybercrime – with advanced technology, and a little less trust.
To learn more about Bitglass Malware protection watch this short video here and download the Enabling Zero Trust for Remote Work brief.
*** This is a Security Bloggers Network syndicated blog from Bitglass Blog authored by Jonathan Andresen. Read the original post at: https://www.bitglass.com/blog/trust-no-one
