Read Time: 2 Minutes
Security breaches are almost an everyday news item in today’s world. Whether it is the use of brand-new malware to target the victims or well-known techniques to breach unprepared, easy targets, the consequences to the businesses in question are usually severe.
Most security breaches are due to outdated software that leaves the company network vulnerable to attacks. While over 80% of attacks are based on known vulnerabilities, only 30% of companies use a patch management tool to keep software up to date. Using a patch management tool would make updates easier and automated, and cover most attempted breaches. This way your company will not be one of the low-hanging fruit ripe for harvesting.
And what about the 20%?
Most of these could be tackled with proactive protection. It is no longer enough to have just any anti-virus product in place. Cyber defense today is a combination of techniques. Currently the most effective method in the protection arsenal is to limit the available attack surface. In case the attackers still find a hole, then the proactive protection methods step in and detect either exploits or behavioral changes that imply an attack, and prevent the exploit from taking over the system.
Even if the exploit would somehow find a way to run, our behavioral monitoring, cloud-based analysis and other modern methods can counter the attack.
A good example of this was a Flash 0-day attack used by Pawn Storm in the beginning of November. The attack was a phishing campaign targeting foreign affair ministers. Our detection that was already five months old was still able to stop the attack. This is the power of proactive protection.
Timo Hirvonen from F-Secure Labs comments:
This is a great example of the protection you get by combining passionate people and advanced technology like our Hydra engine. We can protect our users from threats that we have not even seen before.
So – to stay safe, update your software, and use proper business security solutions that are able to protect you against emerging zero-day threats.