===> Antivirus software (AV) is a necessary, but insufficient defense mechanism in this ever so common scenario and here is why. <===
The first stage of these attacks commonly involves exploiting a known vulnerability. AV focuses way down on attack phase three where it focuses on protecting against a common payload. As an industry we must shield the vulnerability. This is done best through host and network based technologies that use vulnerability shielding techniques or a more rigid technology, application control.
Unlike inferior pattern matching signatures, we need to embrace this broader approach of vulnerability shielding. These techniques have been commonly used for a decade in network devices while host based advanced protection has been more slowly adopted.
As noted by the recent NY Times article, now is the time.
===> As an industry we must raise the bar! None of us (vendors or practitioners) can persist in believing that if we build and deploy a traditional AV certified by historical AV testing techniques, that we’ll be safe. <===
===> Antivirus software (AV) is a necessary, but insufficient defense mechanism in this ever so common scenario and here is why. <===
===> As an industry we must raise the bar! None of us (vendors or practitioners) can persist in believing that if we build and deploy a traditional AV certified by historical AV testing techniques, that we’ll be safe. <===
Cyber security is about humans, not just IT
Computers do not make mistakes by themselves, so employees remain your biggest potential vulnerability. But they are also your strongest defence, if briefed properly.
Check also:
- http://gustmees.wordpress.com/2012/11/29/cyber-hygiene-ict-hygiene-for-population-education-and-business/
- http://gustmees.wordpress.com/2012/10/11/learning-basics-of-cyber-security-by-easy-to-follow-steps/
- http://gustmees.wordpress.com/2012/07/11/cyberhygiene-hygiene-for-ict-in-education-and-business/
- http://gustmeesen.wordpress.com/2012/03/16/beginners-it-security-guide/