Security+ Web Version 2016 | Page 4

By Matthew Walker, VP Northern Europe at HEAT Software
IT security is no longer of concern only to IT security professionals and the CISO. Today, everyone at board level, including the CEO, CFO and CIO, needs to improve their understanding of the problem at hand and its scale. Those who don’t understand the impact a data breach can have, be it on the service desk or network availability, risk the blame falling at their door should the worst happen.
In recent times, the number of software vulnerabilities, as well as the malware being created to exploit them, has exploded. More than 7,000 new vulnerabilities were published last year, with software applications widely used within corporate environments such as Adobe Reader and Oracle Java JRE among those that are most affected. In addition, more than 16 million different malware signatures were identified to exploit them.
In isolation, prevention strategies such as blacklisting and antivirus simply can’t keep up. The reality is that organisations of all sizes must now build their plans around when, not if, they suffer an attack.
“We not only have a legal responsibility, but also an ethical and moral responsibility to consumers”
Steve Wright, Global Privacy Officer, Unilever at the London SC Congress
Unfortunately, it’s simply not possible to lock down IT like it used to be. Gone are the days when the IT department had absolute control over which applications were allowed to run on the network. In an era of mobile working, cloud computing, Bring Your Own Device (BYOD) and the Internet of Things, no organisation could accommodate that level of inflexibility. With each passing month we see new examples of the limitations of the traditional IT security technologies and toolsets in eradicating new threats. Where antivirus was once the pinnacle of IT security, most organisations today see it as little more than a single piece of a thousand-piece jigsaw puzzle.
In response, virtually all organisations are recognising the need to adopt a ‘detect and respond’ mentality in order to get back on the front foot. Indeed, the 2016 Ultimate Windows Security threat landscape survey found that discovery and analysis was the top security priority for the 700 IT professional respondents worldwide.
There is no magic bullet solution, but fortunately 99% of risks can still be eliminated by regularly and consistently applying simple security precautions. Indeed, narrowing risk exposure to one percent is a realistic and hugely important goal for any CIO who has not already done so. Specific strategies can then be deployed to detect, respond to and mitigate the impact of more sophisticated attacks. The first and most important step is understanding which endpoints are connecting to the network and which software applications are being allowed to run. Only then is it possible for security teams to enforce the kinds of systems and policies that ensure strong levels of security.
For example, despite years of warnings about clicking on suspicious emails and websites, users still regularly fall prey to them. According to a study by Verizon, nearly one-quarter of email recipients open phishing messages and 11% click on phishing attachments. Or to put it another way, a campaign of just 10% success has a greater than 90% chance of installing malware on a user’s PC.
Giving IT and security teams the ability to detect and respond to what is already present in the network is therefore as important as, if not more important than, the measures taken to prevent threats from being introduced: firstly, so that they can ensure all users understand the risks, as well as their responsibilities in helping to protect corporate information; secondly, so that they can implement a well-developed reaction plan to enable rapid containment and recovery should a data breach occur.
The most effective defence has many layers but begins with intelligent whitelisting. Security policies such as antivirus have, in recent years, proved the limitations of blacklisting – the security threat landscape is simply too big and hackers too smart. A whitelist approach