Is your AV causing more harm than good?
In the second webinar in the series ‘A Comprehensive Guide to Cybersecurity’, Daniel Matthews from Panda Security Africa explains why organisations need to adopt a proactive and multi-layered approach to cybersecurity.
In the past 40 years, digital transformation has had a significant impact on organisations and global economies. Technology as an enabling factor has changed the way we build and defend wealth, and how we exert power over others.
Technology developments have helped organisations and nation states increase efficiencies, manage processes and communicate more effectively.
Today, competitive advantage is increasingly derived from technology-enabled resources like cutting-edge software, valuable data and connectivity. Motivated by economic gain and political power, cybercriminals and state actors look for ways to exploit these assets. Recent headlines highlight the innumerable incidents and significant impact of cybercrime.
These tactics have become known as the new-age weapons of war and are being used for the purposes of theft, extortion, and the circulation of propaganda - with the objective being the transfer of wealth and power.
The cybersecurity conversation needs to change
Matthews says it’s important to understand why the conversation around cybersecurity needs to change. Over the years, the focus and tactics of cybercriminals have shifted from file-based viruses to fileless and now malwareless attacks. The target has also shifted from servers to an increasing focus on endpoints. Matthews explains that by penetrating endpoints, attackers can act as though they are the legitimate user and exfiltrate information, gather intelligence or launch further attacks without being detected by traditional models of security.
Many organisations are still relying on the traditional model of AV alone, leaving massive gaps in their defences. We need to reassess how far AV technology goes in protecting us from the advanced threats we face today in order to identify where we can do more to mitigate these risks.
Matthews explains that a key reason we continue to hear about data breaches and attacks is that organisations are placing all their trust in their AV and looking no further than that.
In outlining the solution to the current threat landscape, Matthews refers to an analogy of car safety – as technology has developed, cars have become faster and more safety measures are needed. We now rely on numerous layers of car safety such as seatbelts, ABS braking, and airbags – not neglecting one element or another.
Continuous evolution of cybersecurity
Similarly, as attacks become more sophisticated, security solutions have evolved. These solutions can be used to create a comprehensive cybersecurity strategy, made up of multiple layers of technology including traditional AV, next-gen solutions like EDR (Endpoint Detection and Response) technology and Threat Hunting services. Specifically, the new paradigm of cybersecurity that Matthews recommends includes next-gen EDR technology that monitors and responds to all programs running on endpoints.
Panda Adaptive Defense 360 (AD360) is designed to deliver highly automated levels of prevention, detection, forensics and remediation by providing limitless visibility and control over the organisation’s network. AD360 integrates Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) capabilities with a 100% Attestation service – validating all running processes.
Only binaries certified by Panda are allowed to run. Adaptive Defense 360 is designed in such a way that additional layers of security such as a managed Threat Hunting and Investigation Service (THIS) are included.
Beyond stopping attacks, a comprehensive, multi-layered security approach including Threat Hunting and SIEM solutions helps organisations identify risk areas in order to mitigate future security incidents. A layered approach will better equip you to address advanced attacks and will provide the visibility and insight to strengthen your security posture.