This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Kane Lightowler, Managing Director, Asia Pacific & Japan, Carbon Black
Singapore, Japan and Malaysia have singled out cyber-attack as the risk of highest concern according to the World Economic Forum's 2016 Global Risk report. Singapore's Minister for Communications and Information Yaacob Ibrahim also recently announced a new, standalone Cybersecurity Act to be tabled in next year's Parliament. Once instituted, this Act will provide for stronger and more proactive powers in response to cyber-attacks growing in boldness, speed and sophistication.
All of this shows that traditional security measures such as antivirus (AV) are no longer sufficient in today's increasingly sophisticated digital landscape. Yet AV is by far the most widely deployed endpoint protection solution, with more than 90 percent of corporate devices running AV software. So where do these new security threats come from?
The biggest bullies are no longer historic nuisance malware that impairs system performance. Advanced threats are the new kid on the block, running amok in the systems of organizations, causing way more damage than was possible before. Today's security battle is being waged at the endpoint (servers, desktop and laptop computers, mobile devices, and fixed-function devices such as point-of-sale machines) because that's where organizations' critical information resides. These advanced threats, the brainchild of highly sophisticated cyber criminals, aim to control or destroy an infected system with the goal of stealing economic or strategically important information.
Advanced threats differ from nuisance malware in two distinct ways:
- Advanced threats are targeted while malware usually aims for a maximum attack surface and is widely distributed. This means that the attacker specifically chooses the victim.
- Advanced threats are driven by human interaction. Rather than a piece of automated code, the attackers interact with the target computers, enabling them to use existing tools on the system to accomplish their goals.
The sophistication of these threats typically allows them to stay undetected for months or even years. According to a report by Ponemon Institute, organizations take an average of 256 days to identify a breach and 100-120 days to respond and mitigate, altogether costing the companies an average of USD$3.8mn per breach.
AV can't keep up
AV's powerlessness against today's company-crippling advanced threats has resulted in a huge gap in endpoint protection, exposing large enterprises and SMBs alike to a wide range of advanced attacks, costing them millions of dollars. Clearly the traditional approach to endpoint protection is no longer effective.
What organizations need is a paradigm shift in their approach to security investments, evolving and upgrading their defenses to keep pace with these threats. This new generation of defense, specifically developed to address advanced threats, is known as Next Generation Endpoint Security (NGES).