Intelligent CISO Issue 45 | Page 69

Both governments have a crucial role to play in the fight against global cybercrime , and in many ways , they set the tone for how organisations far and wide approach these challenges . www . intelligentciso . com
decrypting myths
A proactive strategy
In contrast , take the emphasis many organisations currently place on antivirus and sandboxing technologies in preventing cyberattackers from accessing networks and data . While these familiar solutions play a vital role in identifying and blocking a huge number of threats , they are reactive in nature . This presents a particular problem when trying to secure networks against malicious content hidden within files and documents shared in their billions worldwide on a daily basis .
Specifically , securing systems against the risk posed by file-based attachments forms part of a comprehensive approach to issues such as ransomware and zero day threats . One large enterprise , for example , processed 115 million attachments over a period of just three months – a huge opportunity for bad actors looking to distribute malware . Even after attachments had undergone malware scanning , hundreds of files were later found to contain malware , because they had not yet been recognised by the tools as ‘ known bad ’ and could therefore penetrate the organisation .
Among the challenges this presents is that approximately 1 in every 100,000 files contains potentially malicious content , with 98 % of them being unknown by antivirus and sandboxing solutions for anything up to 18 days before they can mitigate the risks . That ’ s a potentially devastating blind spot for networks that are already under immense pressure from cybercriminals who are employing more sophisticated tactics in order to succeed .
Taking a proactive approach means that IT infrastructure is protected from these ubiquitous threats before they reach users via attachments . For instance , comparing the ‘ DNA ’ and content of each file and document to its ‘ known good ’ industry specification enables organisations to proactively eliminate cybersecurity risks . It ’ s vital , however , that this is achieved without negatively impacting employee productivity or disrupting effective user experiences .
As a result , users can be protected from the type of attacks that have proved so effective for cybercriminals looking to distribute malware and exploit a wide range of vulnerabilities that exist across today ’ s networks , services and applications . With the outlook for the next 12 months likely to present both familiar and completely new risks , organisations that fail to review and – where necessary – modernise their cybersecurity strategies are likely to see their levels of vulnerability increase .
In a world of unknowns , this is crucial for organisations that want to focus on building a comprehensive security stack that keeps ahead of the evolution of cybersecurity risks . It also forms part of a rounded security strategy in which forward planning is combined with effective technologies to significantly reduce the risk both before and after a security breach .
The UK / US cybersecurity partnership is a testament to the strength of the transatlantic security and intelligence alliance . As world-leading cyber powers , a combined effort between both countries will see each benefit from this partnership and will better protect our connected nations and beyond . This will offer a crucial foundation for organisations across both public and private sectors to meet the cybersecurity challenges they will inevitably face in 2022 . u

Both governments have a crucial role to play in the fight against global cybercrime , and in many ways , they set the tone for how organisations far and wide approach these challenges . www . intelligentciso . com

69