At the RSA 2016 conference this week, Kaspersky Lab made it clear that its ambition lies well beyond simply providing IT security products. For the first time, it will directly provide IT security services to customers in the form of Kaspersky Lab Security Intelligence Services that make use of Kaspersky Lab security software to monitor threat levels and even predict when and where attacks will occur.
As part of that effort, Kaspersky Lab also announced the Kaspersky Anti Targeted Attack Platform that makes use of sensors, analytics and sandbox engines to detect attacks that are aimed at specific organizations.
Michael Canavan, vice president of enterprise engineering at Kaspersky Lab North America, says the security services that Kaspersky will now provide span everything from penetration testing and training to the sharing of threat intelligence. As attacks have become more sophisticated, Canavan says, it’s become apparent that organizations require a more holistic approach to IT security, one that encompasses the ability to detect, respond and even predict when and where threats will manifest themselves. Those services, says Canavan, will be provided by Kaspersky using its own internal expertise along with services provided through Kaspersky by its business partners.
In this day and age, Canavan says, IT organizations clearly need to manage IT security as a process. That means rather than pouring all of their resources into network and endpoint security products, they need to pursue a more balanced approach based on a consistent methodology that detects what vulnerabilities an attacker might be specifically trying to exploit.
The fundamental problem is that targeted attacks are often difficult to detect. Kaspersky Lab reports that on average it takes 200 days for a business to detect a targeted attack. Losses from those attacks on average are $2.54 million for a large enterprise and $84,000 for a small-to-medium business.
While the vast majority of the IT security threats that most organizations face today could be classified as pedestrian, there’s no doubt that an attack specifically targeted at an organization can be devastating. The challenge IT organizations face is figuring out what types of attacks are specifically coming their way before any serious damage actually gets inflicted.