More

    Security Today Requires More Than AV Software

    Slide Show

    New Cyber Attack Methods Uncovering Vulnerable Blind-Spots

    I had the opportunity to talk with Aleks Gostev, chief security expert for the global research & analysis team at Kaspersky Lab, about some of the current threat trends facing the enterprise today. Not surprisingly, the first thing he mentioned was mobile threats. BYOD, he said, is a huge problem for security officers, especially when dealing with the Android platform, because of the approximately 5,000 mobile Trojans discovered every week. And that security problem is doubled when you connect your PC to your Android device.

    The second major threat facing enterprise, according to Gostev, is targeted attacks and how they’ve changed over the past few years. He said:

    We are seeing a lot more incidents in big corporations. A small team of hackers creating special, dedicated Trojans to attack one organization.

    What these hackers are able to do, Gostev explained, is learn the type of security being used in these organizations. Then, they create Trojans that are meant to work around that security so malware can be downloaded undetected. He wasn’t kidding when he said targeted attacks.

    That led to us discussing something I’d been wondering about for a while. For many, both in enterprise and in personal use, the front line of data is antivirus (AV) software. I don’t know many who have gone beyond AV software on their personal devices; we often think that good AV software is enough. But as Gostev pointed out, with the rise of mobile threats and the sharing of information between devices, the risks are much greater. So I asked, is AV enough? Not anymore, Gostev said. Five years ago, AV would protect most of us from the biggest threats. Now we need to think in terms of security suites for protections.

    AV is basic protection and still a critical part of the security solution, Gostev said, but other parts of the security suite should include:

    • A good backup system—Hackers might erase or encrypt your data so that it can’t be used. According to Gostev, you want to perform regular backups to an offsite location so you have a recovery plan.
    • Cryptography—Make sure you have and enforce a good policy for passwords.
    • Whitelisting—Use only trusted software and prevent employees from downloading whatever they want.
    • Incident management system— Provide a centralized system to analyze all devices accessing the network.

    Gostev added:

    Hackers may spend $5 million to attack your system for your $10 million in assets and make a profit. The goal for enterprise is to raise the bar and make sure their attacks aren’t cost effective or profitable.

    Sue Poremba
    Sue Poremba
    Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles