Just ask anyone from Florida, Louisiana or Jamaica what was the biggest threat in recent history and universally the answer will be a category 5 hurricane. The devastation of Katrina, Irma or Sandy is still being dealt with years later. So, when a prominent politician compares a coming potential cyber threat to a category 5 hurricane, we should all stop and take note.
Where Is The Cyber Risk?
Most every cyber security professional understands that their organization may potentially be at risk to cyber threats and zero-day malware on a daily basis. We may be in for a new level of risk based on what the DHS secretary presented at a security summit last week. According to Kate Fazzini reporting for CNBC in an article titled “The DHS is setting up a new way for companies to share info about security breaches, preparing for a cyberattack 'hurricane'”;
“The next major attack on the U.S. is more likely to come by computers than airplanes, Department of Homeland Security Secretary Kirstjen Nielsen said Tuesday.
"We are in a crisis mode," Nielsen said at a cybersecurity summit in New York. "A cat 5 hurricane has been forecast, and we must prepare."”
The cat 5 hurricane metaphor is very visual, so it will be interesting to see what the best solution to protect against this pending disaster will be.
Sharing Is Caring
It seems that the Department of Homeland Security is now taking a different approach to cyber security issues to deal with this impending risk. According to Lilly Hay Newman in a Wired article titled “DHS Will Shore Up Cybersecurity for America's Infrastructure”
“At a cybersecurity summit Tuesday, Homeland Security secretary Kirstjen Nielsen announced the creation of the National Risk Management Center, which will focus on evaluating threats and defending US critical infrastructure against hacking. The center will focus on the energy, finance, and telecommunications sectors to start, and DHS will conduct a number of 90-day “sprints” throughout 2018 in an attempt to rapidly build out the center’s processes and capabilities.
"We are reorganizing ourselves for a new fight," Nielsen said on Tuesday, who described the new center as a “focal point” for cybersecurity within the federal government. Nielsen also noted that DHS is working with members of Congress on organizational changes that can be mandated by law to improve DHS's effectiveness and reach.”
The obvious idea behind this initiative is that if organizations can share specific experiences with cyber-attacks, then it will develop a set of resources to assist with tracking down cyber threats and security weaknesses. Unfortunately, this may be too late in a digital/cyber world where malware can strike in nanoseconds.
Prevent, Don't Remediate
Why wait for an attack when you can prevent it instead? The SoleGATE™ premise is simple: executable code in any type of non-executable content such as datafiles and datastreams is malware, and therefore should not be permitted to enter any organization. And, finally, SoleGATE is conclusive: content is either infected (quarantined) or it is not (clean). There is no behavioral analysis or guesswork, so you can prevent cyber threats instead of remediating the damage.
SoleGATE applies to protection against malware in active content and file-less malware as well. Active content such as macros is de-obfuscated no matter the level of nesting or encryption and evaluated using the patented DvC™ parser-based engine to determine its true purpose. Malicious scripts, links and URLs that may be hidden, self-extracting or even on remote servers are instantaneously analyzed and determined to be clean or not.
Get Solebit’s whitepaper on a transformative, evasion-proof approach against modern cyber-attacks that doesn’t require sandboxing. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.