As organizations prepare to defend themselves in a new era of ransomware threats, one of the
               most significant hurdles will be to make the mindshift away from traditional antivirus and

               perimeter security solutions. While these technologies often provide a layer of security defense,
               they are rapidly becoming obsolete as reliable standalone solutions against a new wave of
               sophisticated ransomware attacks.


               For many organizations, making this mindshift will require viewing malware from the perspective

               of the cyber criminals – as a numbers game. Trend Micro, for example, has certification for
               99.48 percent protection against zero-days, “compared with a vendor average of 97.77 per
               cent”. Mimecast and Symantec claim 100 percent effectiveness, while McAfee, asserting that

               most zero-day threats come from the web, says it can achieve 99.5 percent effectiveness by
               adding in-line file and code emulation technology to its web gateway solution.


               Yet, hackers only need to get lucky once and in light of massive volumes of emails transmitted
               by every business on a daily basis, they have ample opportunity to do so. If anything,

               WannaCry demonstrated that anti-virus defenses are no longer useful against these attacks.
               Antivirus solutions only detect code already known to be a threat – not the new threats and
               zero-day attacks being devised by phenomenally well-resourced, state-sponsored hacking

               groups on a daily basis.
               As zero-day threats continue to mutate and target businesses and industries in new and
               unknown forms, businesses will need to first let go of their death grip on legacy security

               solutions with the understanding that today’s threats are stealthier and more sophisticated than
               ever before, and will likely evade their standard defenses.  But what might be vastly more

               difficult for enterprises going forward will be accepting that cyber attacks aren’t inevitable, but in
               fact preventable, and then not giving them the chance to enter the network in the first place.


               About The Author
                                              Simon Taylor has worked in Information Technology and Security for
                                              over three decades, with extensive experience across product
                                              innovation, business development, business transformation and IT
                                              operations management. He has held senior positions at leading
                                              technology and financial services companies across Europe, Asia,
                                              Latin America and North America; with the last ten years at HSBC,
                                              where he most recently ran IT Operations across the Americas. Simon
                                              is currently VP of Product and Consultant to the Board of Glasswall
               Solutions Ltd, the award-winning UK cyber security innovator.


                    49   Cyber Warnings E-Magazine – August 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.