Frost & Sullivan Advocates New Strategies Against Advanced Cyber Threats
White paper identifies what organizations need to know to protect their intellectual property and prepare for unexpected data breaches
MOUNTAIN VIEW, Calif. – Dec. 4, 2012 – With increased spending on IT resources since 2011, businesses expect rising customer demands for services such as online banking, cloud data storage, and social networking over the next three years. Organizations are responding to these trends by budgeting for additional capital expenditures on innovative IT strategies like big data analytics and virtualization technology. Since many organizations lack security solutions capable of handling today’s advanced threats, they need new strategies for more efficient IT security solutions to protect valuable assets, including mission-critical servers containing sensitive credentials that protect intellectual property (IP) data.
Advanced threats are designed for the sole purpose of extracting data while avoiding detection in a stealthy, calculated manner. Security vulnerability can be traced to poor deciphering of what is considered malicious code, or incomplete attack analysis on network anomalies. Furthermore, many IT administrators rely solely on antivirus or host intrusion prevention systems (HIPS) on their mission-critical servers and endpoint devices. However, they are most often unaware that an attack has initiated within their infrastructure due to the numerous business processes and changes taking place within their servers (system upgrades and expansion, change processes, security policies, etc.). This factor, along with the lack of qualified security resources available to detect, monitor and mitigate these new advanced threats, drives the need for an advanced solution.
Currently, the channels that potentially have the greatest threat to organizations’ critical servers are: corporate email systems, “bring your own device” (BYOD) and social networks. These channels are susceptible entry ways for advanced attacks.
“What organizations need to understand is that cybercriminals are changing their attack plan. The target is on domain controllers that are essentially the master vault key for the entire enterprise that grants access to confidential assets,” said Frost & Sullivan Industry Analyst Ben Ramirez. “Once they are able to infiltrate and extract the enterprise credentials from the domain controllers, they are able to navigate the network freely while stealing IP data under the enterprise’s radar. Even more concerning is the speed and methodology attackers implement in these advanced attacks, which allows them to bypass traditional detection systems for long periods of time.”
It is clear that signature-based, standalone blacklisting, HIPS, and other endpoint solutions are simply not capable of coping with advanced threats impacting companies today. With new malware families and variants created in the tens of millions each year, endpoint security is unable to detect and mitigate malware threats successfully. However, in the end, users are still the weakest link – it only takes a single click on a malicious URL for malware to bypass firewall policies.
Managing today’s security challenges can lead to substantially higher IT management costs, while still failing to adequately address new advanced threats. To tackle these security issues, Frost & Sullivan recommends trust-based applications control technology, such as Bit9’s Trust-based Security Solution, to quickly respond to issues companies face with corporate email systems, BYOD environments, and social networks threats that occur between the endpoints and critical servers. Bit9 responds to advanced threat dilemmas for all industries by using four key elements to address advanced threats: trust, detect, protect and measure.
Traditional signature-based blacklisting security strategies have proven inadequate in addressing today’s sophisticated malware. Advanced threats are targeting servers to steal valuable corporate IP. These attacks are happening fast and are bypassing traditional detection and mitigation tools. The only way to prevent today’s advanced attacks is to stop them from executing. Executives must rethink their security strategy and use policy-driven, trust-based security solutions to protect against advanced threats. Bit9 offers a trust-based security solution that is so effective it stopped Flame malware in one of its customers before it was globally identified as a security threat.
If you are interested in more information on this research, please send an email to Mireya Espinoza, Corporate Communications, at email@example.com, with your full name, company name, job title, telephone number, company email address, company Web site, city, state and country.
About Frost & Sullivan
Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants.
Our “Growth Partnership” supports clients by addressing these opportunities and incorporating two key elements driving visionary innovation: The Integrated Value Proposition and The Partnership Infrastructure.
- The Integrated Value Proposition provides support to our clients throughout all phases of their journey to visionary innovation including: research, analysis, strategy, vision, innovation and implementation.
- The Partnership Infrastructure is entirely unique as it constructs the foundation upon which visionary innovation becomes possible. This includes our 360 degree research, comprehensive industry coverage, career best practices as well as our global footprint of more than 40 offices.
For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector and the investment community. Is your organization prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?