COVER
THEME
O
34
Vo l u m e 3
rganizations
are
being attacked at an
increasing rate with
Issue 10
Vo l u m e 3
Issue 10
COVER
THEME
Traditional defenses
are inadequate today existing identity base, using social or
Traditionally, the percentage of threats they could
email campaigns, such as phishing or
identity impersonation. Consequently,
breaches causing significant financial departments would deploy desktop block has significantly diminished.
and reputational consequences. In anti-malware to stop threats. These So, the problem is not whether a
the 2018 State of Endpoint Security solutions compare an item, such as site that relies on these traditional
Risk Whitepaper, nearly two-thirds an attachment or URL, to an internal models will be penetrated; it’s when
(64 percent) of respondents reported database and whether anyone will discover it
that their company had experienced new signature is created for a threat one or more endpoint attacks over after it has caused issues (because the past 12 months that successfully an organization has been hit by it compromised data assets and/or IT already). A file or URL is traced to infrastructure. This is a 17 percent a specific compromised site that increase from last year’s research (54 is updated as a threat source, it is percent of respondents). blocked and then the organization’s A number of factors contribute to endpoints are updated with the new this rise of attacks; from the increase threat signature. This can also be in the number of threat actors, to the the case for a known good location, sophistication of the attacks, to the which can be “whitelisted” or allowed widening attack surface. Financial based on its reputation. As necessary gain is still the most common motive as it is, all of this takes a tremendous behind data breaches, but there has amount of time and resources. Sadly, been a rise in breaches associated as soon as a good “whitelisted” site with corporate is given a clean bill of health, it can by both be hacked and become a source of criminal and government sponsored malware, indicating that static files groups. These groups have become are continually out of date. more sophisticated, moving away Historically, from brute force methods and viruses, well enough, if the endpoints are more often using social and personal able to be updated frequently with attacks, such as phishing, to establish new signature databases. In the Closing the gaps
a foothold and then worm their way last few years, new threats and new into an organization. With the growth methodologies have been used to Essentially, there is a gap between
of BYOD, the proliferation of mobile attack at a far faster rate than systems and cloud, and new IoT advancements, could be updated. Threats were attack routes are ever increasing. created and targeted to bypass their
government
espionage; carried
and
out
CISO MAG | November 2019
of
cybersecurity
threat
these
signatures. A
have
before it causes damage.
This situation is much like taking
a conventional passenger van and
putting it in a drag race against a
Formula One racer. The van would be
obviously sorely outclassed against
its competitor from start to finish. In
effect, the F1 could make multiple
laps before the van finished its first
lap. This doesn’t mean the van has
no value; it certainly does. But if it’s
expected to play in this new field, it
needs new capabilities. Unfortunately,
even if we can make it faster, it still has
a basic design that will always limit
its top speed, no matter how much it
is modified. A full redesign and new
thinking of the van would be required
before it would even have a chance to
worked
compete.
conventional
endpoint
security
methods and new age technology
to block advanced threats, dynamic
CISO MAG | November 2019
35