New Cybersecurity Prevention Strategy: 'Detect and Response'
Corporations, law firms, and small businesses know the mantra all too well: cybersecurity is getting hairier, bloodier, and more complicated with each passing day. The best option may be to hire a third party security firm. But we're still losing the war.
If it's not possible to keep up with all potential attacks, what's to be done? According to the State of the Endpoint Report by Ponemon Institute, many IT departments are focusing on protection after a breach occurs.
"Detect and Respond" Predictions
"Detect and response" is a new approach IT professionals are taking to address cyber threats. This is a decided shift away from the prevention of cyber threats.
Ponemon Institute has made a few predictions based on its research. For example, the detect and response approach will will entail the addition of "threat intelligence" to security. Also, firms will make active use of endpoints as security sensors.
The Hill Is Getting Steeper
The survey by Ponemon tracked the responses of some 700 US IT security practitioners and more than half of them said that malware attacks on companies are getting "stealthier and more difficult to detect." That's despite the fact that the number of respondents who actually had a strategy in place to deal with a malware attack went up. And it doesn't seem to matter what kind of attacks were talking about either, the attacks can be of the zero-day variety or DDoS. Either way, they're getting quicker, sleeker and harder to notice.
Endpoints: Phones, PCs, Laptops, Users
One glaring theme in the report was the jump in the number of respondents who believe that mobile endpoints were the main target of attack from years before --from 68 percent in 2015 to 80 percent this year. Phones and other mobile devices are now prime hunting grounds for hackers looking to pry into previously guarded networks.
But apparently the biggest threat to company networks is not technology but employees who us it. More than 80 percent of companies responded that "end point security" is compromised because of "negligent or careless employees" who don't follow company security policies. And sometimes it's not even about negligence -- it's about all out fraudulent intent.
Related Resources:
- Employee Data More Exposed Than Customer Data (DarkReading.com)
- Certified Ethical Hacker Program Accidentally Spreads Malware (FindLaw's Technologist)
- Are You Insured Against Ransomware? You Should Be. (FindLaw's Technologist)
- Alleged Pedo's Computer Gets Locked by Virus, Turns Himself In (FindLaw's Technologist)