Examine the content
The point here is that modern malware can easily circumnavigate many existing security systems. Signature based security measures such as AV and firewalls are no match for advanced malware kits so you can't rely on these technologies or on patch management to protect your organisation. And just because an organisation isn't a government or multinational business doesn't mean it won't have appealing data for cyber criminals.
You need to examine the content of both inbound and outbound traffic to minimise risk because, if you combine these exploits with some well-crafted social engineering, organisations will continue to be easy prey. It's time to examine-in real time-the substance of each website visited and in each email to effectively battle this malware lifecycle.
Spencer Parker is group product manager of Websense.
Sign up for Computerworld eNewsletters.