In the battle to defend against the ever-increasing volume and variety of threats, security solutions like firewalls, signature-based antivirus, and blacklisting may be ineffective. This is because the criminals know that the data that powers them may lag new threats by days or even weeks. Cybercriminals have now further raised the stakes by developing malware that incorporates evasion techniques to ‘sense’ when it is being inspected by security tools and turn off malicious operations until the inspection ends. These combine to create a security “gap”.
To Close the Gap, Web Security Must Evolve
Security vendors must deploy Big Data systems capable of analyzing tens of millions of data points about threats in real-time, as they emerge. “A dynamic sensor grid is required to effectively stay on top of a dynamic threat space,” says IT security analyst Richard Stiennon. “Only with a massive collection and analysis capability can a solution get close to providing complete coverage.”
Today, a web security solution must:
- Fuse threat data on a global scale, using automated collection and analysis techniques to build a threat intelligence picture of the Internet right now.
- Detect new threats by inference through correlation of disparate threat behaviors, as well as by direct detection.
- Apply threat intelligence to enforcement points in near real-time to ensure continuous, consistent, and accurate application of security policy.
- Deliver comprehensive protection to any type of end-user device, at all times, however it connects to the Internet, and at any location.
The good news is, when we achieve this, we destroy the ROI for the cybercriminal, and when that happens, they move on to look for easier targets elsewhere.
Read more in Destroying the ROI of Cybercrime - Part 1
To find out how you can stop cybercriminals from breaching your network, check out Cyren WebSecurity