October 2018 marks the 15thanniversary of the National Cybersecurity Awareness Month. On one hand this should comfort CISO’s that recognition of this important issue gains visibility at a new scale, on the other it should be a bit scary that we still need to be made aware that security is an issue after 15+ years of breaches. October is also the month we celebrate Halloween and all things “scary”, so we can’t wait to see the range of cyber geeks creatively developing a zero day malware costume for All Hallow’s Eve.
Fear Of The Unknown
Fear of the unknown is a natural human instinct. This is compounded exponentially when your company’s productivity and profitability are on the line. As an IT security professional and especially as a Chief Information Security Officer, fear of the unknown translates into fear of zero day malware.
The Cost Of Not Knowing
When a new piece of malware affects a company, it is largely isolated to just that company with perhaps the small possibility of a partner becoming infected as well. While the damage to that company may cost $millions, the market at large is usually known the wiser or even impacted unless it makes the daily news. However, when a large public company gets hit and personal user information is affected, then we have a public relations nightmare as well as a remediation imperative. Just look at what happened recently to Facebook.
According to Kate O’Flaherty in her Forbes article titled “Facebook Data Breach – What To Do Next”:
“Facebook notified users of a massive data breach affecting over 50 million people. The breach had taken place three days earlier, on the afternoon of 25 September.
The social media giant says it doesn’t know exactly what kind of information has been compromised. However, in an updated statement yesterday, it did admit the hack affected those who use Facebook to log into other accounts.”
And if you think that’s bad, David Gilbert of Vice News reported that. “Facebook faces a potential $1.63 billion fine from European regulators after the social network admitted personal data from at least 50 million accounts was compromised by hackers last week.”
Preventing Zero Day Malware Is Easier Than You Think
In order to prevent zero day malware, your cyber security solution should deliver instantaneous end-to-end, evasion-proof security for any kind of network based non-executable content for a variety of persistently used attack vectors such as email, web, and cloud file sharing applications, challenging the norms that rely on slow, costly and mostly outdated, ineffective methods of sandboxing, signatures and behavioral inspection. The SoleGATE™ premise is simple: executable code in any type of non-executable content such as datafiles and datastreams is malware, and therefore should not be permitted to enter any organization. And, finally, SoleGATE (now part of Mimecast) is conclusive: content is either infected (quarantined) or it is not (clean). There is no behavioral analysis or guesswork, so you can prevent cyber threats instead of remediating the damage.
SoleGATE applies to protection against malware in active content and file-less malware as well. Active content such as macros is de-obfuscated no matter the level of nesting or encryption and evaluated using the patented DvC™ parser-based engine to determine its true purpose. Malicious scripts, links and URLs that may be hidden, self-extracting or even on remote servers are instantaneously analyzed and determined to be clean or not.
Get Solebit’s whitepaper on a transformative, evasion-proof approach against modern cyber-attacks that doesn’t require sandboxing. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.