FRIDAY, March 29, 2024
nationthailand

The five new laws of anti-malware

The face of malware has changed considerably, especially in the last five to ten years. But, unfortunately, far too many companies are adopting an outdated approach that is several decades old. Malware has changed considerably since the early PC viruses w

 

Today, it evolves so quickly that many customers find it nearly impossible to stay ahead of the latest threat. Security experts estimate that more than 280 million viruses were released last year alone.
 
If the explosion in malware variants wasn’t enough, sophisticated Client Side Attacks and Advanced Persistent Threats (APT) target victims in ways that completely evade traditional security measures. Recent research suggests that as much as 75 per cent of new malware is seen on a single endpoint and only about 40 per cent of new malware even gets detected.
 
It’s not a question of whether your network will be attacked with advanced malware.  It’s a question of when it will happen and how you will respond.  Advanced malware is changing the way security is managed.  There are five new laws that you should know.
 
Firstly, security is a “Big Data” problem now. What has changed is the sheer volume of data a typical vendor must deal with today. The hundreds of threats companies dealt with on a daily basis less than a decade ago pale in comparison to the hundreds of thousands of threats they must handle on a daily basis today. Security experts estimate that more than 280 million viruses were released last year alone.
 
Even worse, threats today are highly ephemeral. In fact, approximately 75 per cent of threats we see today have a lifetime of zero, which means that the first time we see them on an endpoint is also the last time we see them.  The amount of data associated with threats is growing rapidly with no signs of abating in the foreseeable future.
 
Second, collaboration is key. Today’s advanced threats require a more collaborative approach.  Rather than operating independently, the different technologies should form a tightly integrated system.  Different protection technologies should integrate natively and work in concert to arrive at a final disposition about whether a particular file or application represents a threat.
 
Third, don’t think endpoint but think endpoints. IT security professionals need a broader perspective to answer critical questions including: How many threats targeted the organisation as a whole? How do different departments in the organisation fare against each other? How does the organisation compare to the global population at large? Knowing the answers to these questions and others is important in determining how to fight advanced malware.
 
Fourth, you know your threat landscape best. Factors that contribute to the threat landscape of an organisation include its size, the value of its information assets, its profile or recognition within the industry, and the vulnerability of its systems.  For example, a small business that offers a commoditised service has different information security concerns than a multi-national corporation that designs sensitive technologies for government customers.    
 
In the fight against advanced malware, these same people should have the autonomy to leverage their domain expertise rather than relying exclusively on their anti-malware vendor to develop protection for new attacks.
 
Lastly, detection is no longer enough. Today, the best solution also includes technologies that can help you quickly respond to the inevitable outbreak; technologies that can help you answer critical questions like: Where did it start? How did it spread? Can it be controlled?
 
Sutee Assawasoontarangkoon is regional sales manager, Indochina and India, for Sourcefire, a leader in intelligent cyber-security solutions. 
 