Channelnomics

Study: Traditional Security Obsolete for APTs


As disruptive technologies reach their stride in the market, companies are responding to demands with greater investments in innovative IT strategies such as Big Data analytics and virtualization. Security has failed to keep pace with the rate of technology adoption, and organizations are not equipped to combat advanced threats.

The upshot? According to a Frost and Sullivan white paper, organizations will need strategies that go beyond traditional methods to protect valuable assets, including mission-critical servers and intellectual property.

The findings highlight a glaring lack of security infrastructure coupled with an inability to detect pending attacks. Most organizations fight sophisticated malware by relying on antivirus or host intrusion prevention systems (IPS) to protect mission-critical servers and endpoint devices, according to the report.

This security shortfall compounds growing challenges from complexity, which include evolving security policy, upgrades and expansion, and change processes. Not surprisingly, the channels that pose the biggest threat to critical servers are the ones that introduce a multitude of threat vectors: corporate e-mail systems, bring-your-own-device trends and social networks. Most organizations end up unaware that they have suffered an attack.

“What organizations need to understand is that cybercriminals are changing their attack plan. The target is on domain controllers that are essentially the master vault key for the entire enterprise that grants access to confidential assets,” said Ben Ramirez, a Frost & Sullivan industry analyst. “Once they are able to infiltrate and extract the enterprise credentials from the domain controllers, they are able to navigate the network freely while stealing IP data under the enterprise’s radar. Even more concerning is the speed and methodology attackers implement in these advanced attacks, which allows them to bypass traditional detection systems for long periods of time.”

Outside research corroborates these findings. According to a FireEye Advanced Threat Report covering the threat landscape for the first half of 2012, organizations are struggling to overcome a dramatic explosion of advanced malware, in terms of both volume and effectiveness in bypassing traditional signature-based security mechanisms.

The report indicates organizations experience 643 Web-based malicious events each week, such as file-based threats, malicious executables, and files that target and exploit application vulnerabilities over the Web or e-mail.

Despite the threat, the security holes present gaping channel opportunities.

Per Frost and Sullivan's recommendation, partners can bolster customers’ basic security infrastructure with trust-based applications, which close some of the most obvious threat vectors by providing a filter against unauthorized access to e-mail, BYOD devices and social networking sites.

The research indicates an opportunity for partners to evaluate customers’ security shortcomings and ramp up defense mechanisms a few notches. It’s well known that advanced threats can circumvent traditional security measures, such as signature-based antivirus. That gives partners a wide berth to start conversations around security posture and introduce solutions that rely on more policy-driven and trust-based approaches while homing in on strategy to prevent attacks down the road.
