20/02/2015
By Marie Hattar, CMO, Check Point
There is a lot of emphasis these days on educating young people about responsible internet use and promoting awareness of the security dangers that exist online. While this continues to be a key focus, it’s also important to examine how businesses can better protect themselves against ever-growing online threats. After all, cybercrime ultimately impacts all Internet users, as the daily deluge of headlines about companies being hacked, data being held to ransom and consumers’ personal details being stolen shows.
With this constant flow of bad news, it’s easy to think the security battle is being lost. It’s true that attacks are growing in complexity and volume, but there are still several steps that companies can take to defend against web-based threats, and against inadvertent mistakes that can open up security vulnerabilities in their organisations.
Fighting malware
A 2014 Check Point survey found that the top two reasons why malware attacks against businesses continue to grow and cause disruption were:
• More zero-day exploits that weren’t detected by anti-virus solutions
• Smarter social engineering tactics by malware authors that tricked users
New, zero-day exploits are able to avoid detection because their developers use obfuscation tools, so the malware is not picked up by traditional signature-based antivirus solutions. However, a technique known as threat emulation or sandboxing can be used as an additional layer of defence to stop new threats before they can infect networks. As threat emulation solutions can be deployed as cloud services on a pay-as-you-go basis, these are within the financial reach of almost any business, giving a vital extra layer of protection.
And to combat malware and other threats that may slip through the defensive net, educating employees about email- and web-based scams is also an essential step. A majority of malware infections start with an employee inadvertently opening an infected email or attachment, so teaching staff to watch for vital email social-engineering clues can make a big difference in mitigating risks. A little training can avoid a lot of complaining.
Mobile matters
Securing mobile devices is a big issue for organisations, too. We surveyed over 700 businesses globally in 2014, and 42% had suffered mobile security incidents which cost more than $250,000 to remediate. Worryingly, 44% of respondents do not attempt to manage corporate data on employee-owned devices. 87% believed that the main security threat to mobile devices were careless employees.
Mobile devices probably provide direct access to more varied and valuable business assets than any other individual attack vector, including personally identifiable information, passwords, business and personal email, corporate documents, and access to corporate networks and applications. The solution is to encapsulate and protect the devices themselves, the data they hold, and their communications to corporate resources with an integrated approach, so that security can be delivered wherever the device is being used.
Joining forces
A big factor in the rapid spread of malware attacks is the lack of intelligence available to companies about new, emerging threats. What if, following the detection of a new type of malware, organisations were able to share information about the new threat to help others avoid infection too - in much the same way that global health organisations collaborate to fight emerging diseases?
Services such as Check Point’s ThreatCloud help to spread the knowledge acquired about a new enemy, closing the time window between the discovery of a new attack and the ability to defend against it. Once a new threat has been fingerprinted, details of it are uploaded to the cloud and automatically shared with subscribers worldwide. So if a new threat is being used in a targeted attack on a bank in Hong Kong and is identified by threat emulation, the new signature can be applied to gateways globally in minutes. By ‘vaccinating’ organisations against attacks before they spread, this reduces the chances of an outbreak becoming an epidemic, improving security for all.
With the right mix of security solutions, staff education and intelligence sharing, organisations can make a key contribution in making the Web safer for all.
