CISO MAG - Free Issues Endpoint Security Powerlist | Page 34

COVER THEME O 34 Vo l u m e 3 rganizations are being attacked at an increasing rate with Issue 10 Vo l u m e 3 Issue 10 COVER THEME Traditional defenses are inadequate today existing identity base, using social or Traditionally, the percentage of threats they could email campaigns, such as phishing or identity impersonation. Consequently, breaches causing significant financial departments would deploy desktop block has significantly diminished. and reputational consequences. In anti-malware to stop threats. These So, the problem is not whether a the 2018 State of Endpoint Security solutions compare an item, such as site that relies on these traditional Risk Whitepaper, nearly two-thirds an attachment or URL, to an internal models will be penetrated; it’s when (64 percent) of respondents reported database and whether anyone will discover it that their company had experienced new signature is created for a threat one or more endpoint attacks over after it has caused issues (because the past 12 months that successfully an organization has been hit by it compromised data assets and/or IT already). A file or URL is traced to infrastructure. This is a 17 percent a specific compromised site that increase from last year’s research (54 is updated as a threat source, it is percent of respondents). blocked and then the organization’s A number of factors contribute to endpoints are updated with the new this rise of attacks; from the increase threat signature. This can also be in the number of threat actors, to the the case for a known good location, sophistication of the attacks, to the which can be “whitelisted” or allowed widening attack surface. Financial based on its reputation. As necessary gain is still the most common motive as it is, all of this takes a tremendous behind data breaches, but there has amount of time and resources. Sadly, been a rise in breaches associated as soon as a good “whitelisted” site with corporate is given a clean bill of health, it can by both be hacked and become a source of criminal and government sponsored malware, indicating that static files groups. These groups have become are continually out of date. more sophisticated, moving away Historically, from brute force methods and viruses, well enough, if the endpoints are more often using social and personal able to be updated frequently with attacks, such as phishing, to establish new signature databases. In the Closing the gaps a foothold and then worm their way last few years, new threats and new into an organization. With the growth methodologies have been used to Essentially, there is a gap between of BYOD, the proliferation of mobile attack at a far faster rate than systems and cloud, and new IoT advancements, could be updated. Threats were attack routes are ever increasing. created and targeted to bypass their government espionage; carried and out CISO MAG | November 2019 of cybersecurity threat these signatures. A have before it causes damage. This situation is much like taking a conventional passenger van and putting it in a drag race against a Formula One racer. The van would be obviously sorely outclassed against its competitor from start to finish. In effect, the F1 could make multiple laps before the van finished its first lap. This doesn’t mean the van has no value; it certainly does. But if it’s expected to play in this new field, it needs new capabilities. Unfortunately, even if we can make it faster, it still has a basic design that will always limit its top speed, no matter how much it is modified. A full redesign and new thinking of the van would be required before it would even have a chance to worked compete. conventional endpoint security methods and new age technology to block advanced threats, dynamic CISO MAG | November 2019 35