By Richard Pain, Cybersecurity Specialist
May 5, 2017
Protecting against upcoming cyber-threats
No one type of security solution or practice can effectively protect against all types of attacks. The new security paradigm is one of resilience and multi-layered defence, leveraging a variety of solutions including, but not limited to:
- Advanced anti-malware (beyond blacklisting)
- Antispam and anti-phishing at the Web and messaging gateways
- Web reputation
- Breach detection systems
- Application control (whitelisting)
- Content filtering
- Vulnerability shielding
- Mobile app reputation
- Host-and network-based intrusion prevention
- Host-based firewall protection
Machine learning is another solution that will help combat known and unknown ransomware threats and exploit kit attacks, amongst other threats, by helping to identify whether network activity is malicious or not. At present there is a lot of concern about whether these solutions produce a lot of false positives but increasingly this is being addressed by solution providers.
For enterprises that are integrating IoT devices into their processes, security departments need to scrutinise device capabilities before procuring them to check for things like whether they can be updated, whether they can encrypt network communications and whether they have open ports.
Then there is also the perpetual challenge of training employees to avoid social engineering attacks and ransomware. Increasingly, generalised cybersecurity training awareness programmes are becoming available, which are useful as a foundation, but with the rise of BEC and BPC attacks, organisations will have to prepare their staff to identify and report even more specialised attacks, as well as.