It may be that organizations are beginning to realize that traditional information security defense mechanisms are not sufficient against cyber criminals with constantly changing threat tactics. Even so, in this evolving threat landscape, many organizations are not utilizing the best protection to prevent cyber-attacks.
The 2014 iDefense report* highlights that there now are a variety of threats that organizations must consider in order to fully safeguard the organization including; hacktivism, remote administration tools (RATs) and Advanced Persistent Threats (APTs).
Organizations need to safeguard their data and their IP against organizations with phenomenal reach and expertise, as well as a willingness to play the waiting game. The threat is stealthy and targeted. It is time for all organizations to prepare for perimeter breaches as though they are inevitable, and focus instead on ensuring the protection of the internal data.
The breach at Target is the latest high-profile reminder that the rise in cyber crime is relentless and can be catastrophically effective.
In order to fully safeguard against APTs, protecting the perimeter and relying on users to detect breaches, will be nowhere near enough. System hardening measures – the elimination of commonly exploited vulnerabilities – has never been more important. Even then, the assumption must be that a breach may yet occur, and the contingency detection provided by File Integrity Monitoring (FIM) is essential.
FIM is proven to radically reduce the risk of security breaches; it raises an alert related to any change in underlying, core file systems – whether that has been achieved by an inside man or an unwittingly phished employee introducing malware, or some other zero day threat blasting unrecognized past the AV defenses. Flagging up changes in this way ensures there is no chance of an APT gaining hold; no risk of the stealth attack that gets in and out leaving no trace – there is a trace and the business is immediately notified.
The detection offered by FIM has never been more critical. For those organizations using FIM, it is time to determine whether the current deployment is a friend or foe. For those who are yet to embrace FIM stop assuming it is too complex and expensive: times have changed. Not only is FIM approachable and attainable – but it has also never been more important.
Share this post