09 May 2017
Blogs by author: Luke Beeson, VP Security UK and Global Banking & Financial Markets.
Luke Beeson recommends that your organisation adopts smart prevention measures as part of a proactive approach to cyber security.
Why a binary view isn’t always best.
Today, the political landscape is often dominated by binary decisions like ‘Republican or Democrat’ and ‘leave or remain’. And the security industry seems to have adopted this model, with prevention and detection often presented in the same way.
But, as attackers become increasingly creative, launching more complex and considered attacks, the detection route that so many organisations choose is struggling. In fact, a recent study found that over 90 per cent of enterprises have vulnerability backlogs of up to 5,000 detected threats.
Statistics like these show the need for a better designed, more comprehensive and multi-layered security structure. It’s also a reason to be proactive, rather than passive — which is why prevention shouldn’t be neglected either.
Don’t rely on a proactive board.
One of the most promising developments in cyber security I’ve seen in recent years is that boards are far more aware of the risk of cyber attack. This issue is now a quarterly feature in board meetings at 73 per cent of organisations.
So, organisations are becoming more proactive about their security, but there’s still a lack of understanding about just how much a business relies on IT. Companies have very complex IT infrastructures, and just a single vulnerability can be dangerous. The following example shows just how damaging a breach can be…
Steel yourself for the unexpected.
The German Federal Office for Information Security released a story revealing that an unnamed German steel mill had experienced “massive damage” following a cyber attack.
Hackers used a phishing email to infiltrate the company’s corporate network and a malicious attachment then installed malware within the company’s systems.
From there, the attackers were able to move laterally within the steel mill’s IT system, meddling with the entire production network to the point that a blast furnace couldn’t be shut down. This caused significant material damage, not to mention the safety implications such interference could have.
At the time, a digital expert said: “We do not expect a steel plant to be connected to the internet and to be hackable — that’s quite unexpected.”
Become a moving target.
As this example shows, cyber criminals can do serious damage, so it’s important to make your organisation a moving target with a combination of detection and prevention capabilities.
Managing the risk of new, unexpected malware means organisations need to do things differently. Especially because there are nearly 12 million new malware variants discovered every month, including in files that are the ‘life blood’ of many organisations, such as PDF, Flash and Microsoft Office.
Enhanced prevention strategies should avoid common frustrations and not repeat the pitfalls of traditional sandboxing — such as delaying file delivery, or letting potential threats through while evaluating other files. Fast, secure delivery of content that businesses can trust should be a priority for any prevention solution, and this can be delivered through granular CPU-level exploit detection and expert human analysis.
In today’s threat landscape, I recommend a unified security architecture that prevents attacks before they can damage your organisation. A multi-layered approach makes it harder for criminals to operate before, during and after an attack, while the right smart prevention can help rapidly uncover existing vulnerabilities. You can then use this actionable forensics data to establish a detailed understanding of the attack flow, malware entry points and the scope of the incident.
To find out more about how you can better protect your organisation, join our webinar on Thursday 18th May at 15.00 GMT.
At the webinar, Luke Beeson, VP of Security for UK and Global Banking & Financial Markets, BT, and Aatish Pattni, Head of Threat Prevention for Northern Europe, Check Point will look at Smart Prevention and discuss how, by developing a multi-layered approach to security, organisations can stay ahead of the game.