Study: Traditional Security Obsolete for APTs

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A Frost and Sullivan report indicates most organizations rely on outdated traditional security mechanisms to combat advanced threats, giving the channel a wide berth to start conversations, ramp up defenses and embark on comprehensive security strategies with customers.

As disruptive technologies reach their stride in the market, companies are responding to demands with greater investments in innovative IT strategies such as Big Data analytics and virtualization. Security has failed to keep pace with the rate of technology adoption, and organizations are not equipped to combat advanced threats.

The upshot? According to a Frost and Sullivan white paper, organizations will need strategies to protect valuable assets, including mission-critical servers and intellectual property beyond traditional methods.

Related articles

The findings highlight a glaring lack of security infrastructure coupled with an inability to detect pending attacks. Most organizations fight sophisticated malware by relying on antivirus or host intrusion prevention systems (IPS) to protect mission-critical servers and endpoint devices, according to the report.

This security shortfall compounds growing challenges from complexity that include evolving security policy, upgrades and expansion and change processes. Not surprisingly, channels that pose the biggest threat to critical servers are the ones that introduce a multitude of threat vectors: corporate e-mail systems, bring-your-own-device trends and social networks. Most organizations end up unaware that they have suffered an attack.

"What organizations need to understand is that cybercriminals are changing their attack plan.  The target is on domain controllers that are essentially the master vault key for the entire enterprise that grants access to confidential assets," said Ben Ramirez, a Frost & Sullivan industry analyst. "Once they are able to infiltrate and extract the enterprise credentials from the domain controllers, they are able to navigate the network freely while stealing IP data under the enterprise's radar. Even more concerning is the speed and methodology attackers implement in these advanced attacks, which allows them to bypass traditional detection systems for long periods of time."

Outside research corroborates these findings. According to a Fireeye Advanced Threat Report  covering the threat landscape for the first half of 2012, organizations are stymied to overcome a dramatic explosion of advanced malware in terms of volume and effectiveness in bypassing traditional signature-based security mechanisms.

The report indicates organizations experience 643 Web-based malicious events each week, such as file-based threats, malicious executables, and files that target and exploit application vulnerabilities over the Web or e-mail.

Despite the threat, the security holes present gaping channel opportunities.

As per Frost and Sullivan recommendation, partners can bolster customers’ basic security infrastructure with trust-based applications, which close some of the most obvious threat vectors by providing a filter against unauthorized access to e-mail, BYOD devices and social networking sites.

The research indicates an opportunity for partners to evaluate customers’ security shortcomings and ramp up defense mechanisms a few notches. It’s well known that advanced threats can circumvent traditional security measures, such as signature-based antivirus. That gives partners a wide berth to start conversations around security posture and introduce solutions that rely on more policy-driven and trust-based solutions while homing in on strategy to prevent attacks down the road.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Channel Business
Backbytes - a happy computer

Perk up! HP opens up former direct-only perks to the channel

Latest ServiceOne partner program released as Q4 results disappoint

Two men shake hands

Public offering: Ingram Micro and VMWare release new partner program

Public sector partners to benefit at no cost

learn-chalkboard

Watch and learn: Brocade EMEA merge watched carefully by U.S. arm

Benefits of channel and OEM business merge apparent in EMEA and APAC

Clouds jigsaw

More to channel life than cloud - Microsoft

Firm's UK channel lead says hybrid solutions may be the answer for many

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
employee-challenges

Challenge accepted: Lenovo moving to single PC-server channel post x86 takeover

Lenovo aims to capitalize on the x86 server products it acquired from IBM by consolidating product sales under one channel. It sounds good in theory, but Lenovo has more challenges in its server ambitions than its channel structure

Jarrett Miller

Vendor Q&A Series: Jarrett Miller, Bromium

The latest channel exec to sit in the Channelnomics hotseat is Bromium's VP of global channel sales

John Schweizer - DataStax

Vendor Q&A Series: John Schweitzer, DataStax

Our latest exec to sit in the Channelnomics hotseat is John Schweitzer, executive vice president, worldwide field operations at DataStax

digital-hugging

CA embraces channel to build Application Economy

CA is shaking off its record of channel ambivalence to embrace partners’ capabilities to reach and service customers’ evolving and dynamic needs in the unfolding ‘Application Economy’