Businesses are not prepared for advanced malware. This may seem like a harsh statement, but as this week’s POS breach at Chipotle showed us, it is true. According to the 2017 Verizon Wireless Data Breach Report, over half (51%) of breaches included malware and 66% of that came through malicious email attachments.
In the world of cyber security and cyber defense, there is an uneven playing field between the good guys and the bad actors. Why? First of all, bad actors have the advantage of making the first move. Second, they know more about you than you do about them. There is only one of you and there are thousands of them. For example, they have the ability to find out if you’re running a sandbox and then create malware that evades the sandbox.
What have we done to stop it? A lot.
The past ten years have been spent developing security controls that we have layered on top of each other. However, instead of increasing our security, we have further complicated the battlefield by adding cost and complexity while still not preventing attacks. IT organizations and the threat defense market are learning that there is no such thing as 100% prevention, and in an effort to close this security gap, organizations are attempting to mitigate risk with human resources. Teams of analysts are now scouring event logs to identify malicious activity on the network, but organizations are finding it an impossible task to find trained humans who can do this work. Even if they are fortunate enough to hire a trained team, they find that it takes too long to respond to threats once they are in the network. Meanwhile, IT organizations are being pressured by lines of business and management to be more innovative and adopt technologies like cloud computing and BYOD that further increase the business’ risk posture.
If we are ever going to even out the battlefield, we need a new approach to security. The question is no longer how to prevent infections and malware but, “How do we live in a compromised world?” and “How do we catch infections before they result in a data breach?” The answer: lower your risk of a data breach.
The answer isn’t in malware analysis but in big data science. In our whitepaper, we discuss:
- Understanding the threat cycle
- Building a Breach Prevention Platform
- Leveraging Big Data
- And we give you more details on three different types of profiling
To learn more about how to use big data to enable breach prevention, download our white paper today.