Endpoint security, with the human factor involved, is a core element in security implementation
Business Security News, Cybersecurity, End-Point-Protection, Malware // 29.03.2016
In the digital age, every business is a target. The number and sophistication of cyber-attacks are increasing, and the attacks are becoming more and more targeted. Despite the changes, the endpoint remains the weakest link, as human error cannot be overlooked. After all, it is much easier to trick an unsuspecting employee into clicking a malicious link than it is to break through a company firewall. The Verizon 2015 Data Breach Investigations Report shows that 23% of employees are likely to open a phishing email, and 11% would open an attachment from an unknown person.
There are numerous examples of organizations, both big and small, that have fallen victim to phishing and other email scams, or have had their network breached with a malicious website or downloadable link. According to a recent study, social engineering is actually the top hacking method. Sites that look quite respectable, such as ecommerce sites, are often lucrative targets for cyber criminals. Even if organizations train their employees to understand security risks, it is very hard to avoid all human errors. And once the attacker has gained entrance, they can start moving laterally within the organization to get to the resources they seek.
Sean Sullivan from F-Secure Labs explains:
Because of the human factor, companies no longer own their perimeter as a whole. In addition to the possibility of plain human error, employees have also probably installed Dropbox or other external cloud solutions on their work computer, so everything in the company network is no longer under the IT staff’s control, as the employees have extended it. This is often for good reason, as they need to work efficiently. But, as people make things complicated, it is important to get the basics secured properly.
Efficient endpoint protection needs to be approached with layers of protection that each handle their own share. Most malware can be detected with static scanning engines, which gives the benefit of stopping the malware before it executes. When combined with behavioral and heuristic protection, sandboxing and other modern protection technologies, you get next-generation protection for your business. Additionally, using the heavy artillery for known threats would be wasting money and resources.
However, static scanning engines alone are not enough. Advanced technology, such as F-Secure DeepGuard, takes care of the new, previously unknown threats. DeepGuard is our heuristic agent that uses behavior to categorize samples. If something looks suspicious, it checks the backend for the reputation. If the potential threat has low or no prevalence, it is considered bad, and blocked. This creates close to a million detection reports on top of the bulk and increases the protection and block levels close to 100% at all times.
Due to endpoint vulnerability, the malware protection effectiveness of your security software can make a big difference. Our Labs handles 450,000 samples and 6 billion reputation queries each day. About 30% of those turn out to be malware or PUA (Potentially Unwanted Applications).
So even if the difference between the protection rates of modern, state-of-the-art malware protection software and something “average” can be only 2-4%, it is actually quite noticeable when put into concrete figures. F-Secure Labs alone handles 135,000 malicious samples each day. And, as an example, 3% of 135,000 is 4,050. Are you willing to bet your security on that?
In 2016, Gartner also acknowledged our efficiency in anti-malware protection, as we reached Visionary status in the Gartner Magic Quadrant for Endpoint Protection Platforms. The Gartner report evaluates companies and solutions primarily on anti-malware effectiveness and performance, management capability, protection for Windows and non-Windows platforms, application control, vulnerability assessment, and emerging detection and response capabilities.
Definition from Gartner Magic Quadrant for Endpoint Protection Platforms
Mira Sivonen from Corporate Offering Development says:
In our new strategy, we put our company focus on holistic cyber security, where consistently good endpoint protection is a key element. And the way forward is clear: we will continue to develop new innovative solutions. After all, visionary malware needs visionary protection.