Study: Traditional Security Obsolete for APTs

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A Frost and Sullivan report indicates most organizations rely on outdated traditional security mechanisms to combat advanced threats, giving the channel a wide berth to start conversations, ramp up defenses and embark on comprehensive security strategies with customers.

As disruptive technologies reach their stride in the market, companies are responding to demands with greater investments in innovative IT strategies such as Big Data analytics and virtualization. Security has failed to keep pace with the rate of technology adoption, and organizations are not equipped to combat advanced threats.

The upshot? According to a Frost and Sullivan white paper, organizations will need strategies to protect valuable assets, including mission-critical servers and intellectual property beyond traditional methods.

Related articles

The findings highlight a glaring lack of security infrastructure coupled with an inability to detect pending attacks. Most organizations fight sophisticated malware by relying on antivirus or host intrusion prevention systems (IPS) to protect mission-critical servers and endpoint devices, according to the report.

This security shortfall compounds growing challenges from complexity that include evolving security policy, upgrades and expansion and change processes. Not surprisingly, channels that pose the biggest threat to critical servers are the ones that introduce a multitude of threat vectors: corporate e-mail systems, bring-your-own-device trends and social networks. Most organizations end up unaware that they have suffered an attack.

"What organizations need to understand is that cybercriminals are changing their attack plan.  The target is on domain controllers that are essentially the master vault key for the entire enterprise that grants access to confidential assets," said Ben Ramirez, a Frost & Sullivan industry analyst. "Once they are able to infiltrate and extract the enterprise credentials from the domain controllers, they are able to navigate the network freely while stealing IP data under the enterprise's radar. Even more concerning is the speed and methodology attackers implement in these advanced attacks, which allows them to bypass traditional detection systems for long periods of time."

Outside research corroborates these findings. According to a Fireeye Advanced Threat Report  covering the threat landscape for the first half of 2012, organizations are stymied to overcome a dramatic explosion of advanced malware in terms of volume and effectiveness in bypassing traditional signature-based security mechanisms.

The report indicates organizations experience 643 Web-based malicious events each week, such as file-based threats, malicious executables, and files that target and exploit application vulnerabilities over the Web or e-mail.

Despite the threat, the security holes present gaping channel opportunities.

As per Frost and Sullivan recommendation, partners can bolster customers’ basic security infrastructure with trust-based applications, which close some of the most obvious threat vectors by providing a filter against unauthorized access to e-mail, BYOD devices and social networking sites.

The research indicates an opportunity for partners to evaluate customers’ security shortcomings and ramp up defense mechanisms a few notches. It’s well known that advanced threats can circumvent traditional security measures, such as signature-based antivirus. That gives partners a wide berth to start conversations around security posture and introduce solutions that rely on more policy-driven and trust-based solutions while homing in on strategy to prevent attacks down the road.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Want to keep on top of all the North American channel news?

More on Channel Business
shadow-banking-web

Shadow IT brings ups as well as downs

While shadow IT poses a threat for solution providers, there are advantages to be found as well

mock3-0913

Channel millennials to learn from older peers with new CompTIA initiative

Initiative may help with 2015 emerging threat of millennial expectations

NY traffic lights

Gigamon launches partner program

Traffic visibility firm includes pre- and post-sales training certifications in new partner program

Sales online and in the shops

Black Friday wearable tech uptake splits industry

Shoppers may have snapped up a bargain wearable device on Friday, but just how much impact will this have when they choose to wear it to work today?

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
Road to city

Evolution to as-a-service a rocky road for VARs

The much-discussed service provider route does not come without repeated bumps in the road for solution providers

team-of-toy-figures-putting-a-final-jigsaw-piece-into-place

EMC’s VMware remains intact — for now

Amid a rapidly consolidating and converging technology market, the storage giant staves off the spin-off of its virtualization software arm and stays ‘whole’

business-help

VARs need to evolve; vendors can help them do it

Who bears responsibility for helping the channel adopt new business models?

charles-foley-watchful

Vendor Q&A Series: Charles Foley, Watchful Software

The latest channel exec to sit in the Channelnomics hotseat is Watchful Software's chairman and CEO