By: Fran Howarth, Practice Leader, Bloor Research
Published: 3rd December 2012
Copyright Bloor Research © 2012
The threats we face today are no longer smash-and-grab raids, looking for instant gain. Rather, perpetrators are looking to get a deep foothold into the network. They use subterfuge to trick their way into the organisation that is being specifically targeted and, rather than exiting rapidly, they then move laterally through the network, looking for richer pickings by escalating their access rights and laying in wait, often for long periods of time. They aim to remain undetected. The scale of the problem is borne out by this year's data breach investigations report by Verizon Business, which found that just 16% of breaches suffered by respondents were discovered by the victims themselves.
These criminals are well resourced and technologically adept. They aim to use multiple attack techniques and constantly evolve their exploits, testing them against commercially available security controls to ensure that they can evade them. Many of those controls are reactive in nature, only providing countermeasures against threats that have already been countered. That is no longer sufficient for fending off the sophisticated threats that we face today.
What is needed is a new approach - one that is based on trust. Application control and whitelisting technologies provide the advanced weapons needed to counter advanced threats. They can be used to ensure that only trusted applications can be run on the network, blocking all other applications from executing. Thus, they are highly effective at preventing malware infections and data exfiltration, especially when all systems are continuously monitored in real time.
By allowing only what is known to be good to run, trust is returned to the security equation and an organisation will be in a much stronger position to protect its sensitive information from the risks posed by sophisticated cyberthreats. To learn more about how such technologies are important weapons in an organisation's arsenal, join Bloor Research and Bit9 for a webinar that will take place at 9am EST/2pm GMT/3pm CET, Tuesday 4th December. Click here to register: Enhancing security through a trust-based approach.
We automatically stop accepting comments 180 days after a post is published. If you would like to know more about this subject, please contact us and we'll try to help.
Published by: electronicdawn Ltd.