February 26, 2015

Industry Expert Says Cyber-Security Is Not Fit For Purpose

By Daniel Price

Cyber-Security Is Not Fit For Purpose

Several people have been claiming for a long time that anti-virus needs a major re-imagining, and after Mandiant released its annual M-Trends report on data breaches yesterday, that chorus of voices is only getting louder. Kowsik Guruswamy, CTO for Menlo Security, is responsible for one of those voices:

“I’d say a new approach to cyber security is well overdue, but perhaps from a different perspective”, said Kowsik. “As the man from Symantec said, ‘antivirus is dead’.  That’s pretty significant given that nearly all security technologies today are essentially antivirus by another name – they all ultimately try to tell the good from the bad”

He claims the current approach is failing badly, asserting that even ‘cutting-edge’ security products incredibly take an average of 205 days to uncover breaches. “The take away is we’ve got to get smarter about eliminating Malware all together”, he adds. “Not just invest more time and resources in post-breach detection technologies.”

In addition to the 205-day average, 69 percent of breaches were reported to the target organizations from an external source rather than by their own products and surveillance. It means that faced with what Kowsik terms ‘data breach fatigue’, the public are increasingly demanding answers as to who are behind the hacks and who had been effected. “Symantec’s Senior Vice President for Information Security came out last year in an WSJ interview saying anti-virus is dead… and the Mandiant report confirms just that”, said Kowsik. “If security software completely fails to detect a piece of attack software whose source code is out in the open, what are the odds of it having any hope against zero days or closed source malware?”

“We instinctively know that malware is malware and all forms are bad for an organization, but it turns out the lines are getting blurrier between nation-state attacks and financially motivated cybercrime” he says. “First it was Regin, then it was QWERTY, and then turns out it they were the same. It’s one of the reasons why the ‘whodunnits’ are get harder to pin point”.

Whatever the future may hold for anti-virus, changes are needed. It’s people like Kowsik and reports like Mandiant’s that are going to be the drivers behind those changes, as companies and governments wake up to the realisation that their clients and customers will no longer stand by passively as their data is stolen, often from organisations who’ve criticised for amassing the vast amounts of information in their first place.

What do you think? Is Kowsik right or do you have a different interpretation of the report? We’d love to hear from you.

By Daniel Price

Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.
Dolores

Q&A: Airport Security Trends with Dolores Alemán, Frost & Sullivan Analyst

Airport Security Trends In this CloudTweaks interview, we delve into the evolving landscape of airport [...]
Read more
Rakesh Soni

Cultivating a Culture of Cloud Innovation: Elevating Your Business Potential

Cloud computing has emerged as a game-changer, revolutionizing how organizations operate and transforming their growth [...]
Read more
Premkumar Balasubramanian

It Can Be The Year of Right Clouding – But Avoid Potential Pitfalls

Some people are calling 2023 The Year of Cloud Repatriation. I think this is a bit inflammatory. [...]
Read more

Innovative Solutions Ensuring Cybersecurity in Cloud-Native Deployments

Innovative Solutions Ensuring Cybersecurity The digital landscape is evolving at a breakneck pace, and organizations [...]
Read more
www.strapi.io

Leverage AI for Smarter Content Strategies: Why Headless CMS is the Future

Why Headless CMS is the Future What is a Headless CRM? A Headless CMS is [...]
Read more
Stacey Farrar

Six Things to Consider When Choosing Between Free and Paid Migration Tools

Choosing Between Free and Paid Migration Tools Microsoft recently decided to stop offering its free [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.