Prevent; Don't Remediate

Cyber Security Awareness month continues, and it is probably time to pause and reflect on the vision for our IT security strategy. Is it based on “protecting your information assets from malicious code and cyber terrorists“ or is it “preventing any bad people from doing bad things”? It seems like you should be able to answer yes to both, but the reality is that a primary vale of protection versus prevention will have dramatic implications when it comes to dealing with the aftermath of malicious code attempting to enter your environment. Will you have to remediate damage done or just revel in the knowledge that your strategy prevented what others were infected by?

Spending More Doesn't Equate To Safety

It seems that we spend more and more each year on cyber threat protection, but hackers and breaches still effect most every corporation globally? The expenses are staggering. According to Steve Morgan, Editor-In-Chief of CyberSecurity Venturesthe cybersecurity market was worth $120 billion in 2017, up from $3.5 billion in 2004 and “will exceed 1$ trillion cumulatively over the next five years, from 2017 to 2021.”

Despite this spend of billions of dollars, the hacker community just seems to get smarter and more effective at evasion. According to Dell Cameron at Gizmodo.com:

“A week hardly passed this year without a major data breach to remind us of how precarious the state of security was throughout 2017. And while I’d love to report otherwise, you’d be hard pressed right now to find anyone in the know who thinks things are looking up.”

3 Security Layer Requirements

Ultimately you will need to establish a security layer that can allow your organization to:

  • Prevent, don’t remediate: Strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.
  • Detect the undetected: Identify any malicious or hidden code within incoming data files whether on your network or in a cloud. What you don’t know or cannot see can harm you.
  • Avoid the firedrill: Proactively and radically improve the agility of your cyber security. Finally, you can detect and protect against unknown (”zero-day”) risks, so at last you can take the panic out of cyber security.

Static Analysis Prevents Cyber Attacks

The addition of Solebit into the Mimecast family gives you a leg up on preventing that one entry into your cyber environment. Further enhancing Mimecast’s cyber resilience platform architecture, Solebit provides powerful threat protection to help customers face today’s broad threat landscape with evasion-aware, signature-less technology. The Solebit solution uses Multi-Tier protection to defend against attacks at different levels of the stack. This comprehensive approach is powerful, as evasion techniques may spread across different layers. The solution protects against advanced malware by using Solebit’s deep inspection that analyzes commands at the CPU level, all the way up to the application level, analyzing macros and embedded JavaScripts in Microsoft office or any other data file types whether on premise or in your public or private clouds.

Solebit’s SoleGATE uses a static analysis which is faster, more accurate, not OS version dependent and covers 100% of your code, with complete visibility. With SoleGATE, every line of code is evaluated, making Sandbox evasion techniques ineffective. The platform is agnostic to file type, client-side application type, or the client operating system used within the organization. Unlike a Sandbox which has to simulate specific customer environments, SoleGATE provides protection regardless of operating system, CPU architecture, and function (client, server) of the targeted machine.

Mimcast also recently acquired Ataata for security awareness training expanding Mimecast offerings for cybersecurity awareness capabilities with leading training content, risk scoring and real-world simulation attack scenarios.

See for yourself what SoleGATE can do to deliver evasion proof security for your organization today. Register for a free trial today.

Recent Posts