Security Connected

Are Enterprises Flying Blind When It Comes to Advanced Malware?

By on Mar 20, 2014

The worst attacks are not always the fastest moving ones—the ones you should watch for are those that sit and wait. Advanced malware often exfiltrates data by patiently waiting for its opportunity to strike—stealing it one small piece at a time in the background.

Given this reality, what do organizations think about the dangers of advanced malware? Our friends at Webtorials conducted a survey of IT professionals to find out. The study found a high level of awareness around advanced malware, but also found that most organizations do not possess the means to detect, isolate and repair the damage. Investments in better tools are being made, but current policies only mask these security issues, rather than resolving them.

Here is an overview of the more notable survey findings:

1) Awareness

94% of organizations said they are aware of the dangers advanced malware poses, and 73% said they view advanced malware as a significant concern. Surprisingly, only 31% employ specific tools to fight it.

Data from Webtorials study: “Doing Battle with Advanced Malware” 

2) Threat volume and resources

57% say they experience fewer than five attacks in a week. This seems low, but could result from a lack of appropriate tools to detect the attacks. Considering that 24% of respondents spend upwards of 10 hours a week on advanced malware incidents, a figure that more closely corresponds with those who have appropriate detection tools, a large percentage of respondents could be unaware of many attacks.

Data from Webtorials study: “Doing Battle with Advanced Malware” 

3) Current Investments

40% of those surveyed said their organizations possess tools for detecting, blocking, and remediating advanced malware threats, while another 30% possess tools for detection and blocking, but not repair. The final 30% said they have no advanced malware security tools, or that they’ve invested in detection tools only, leaving them with no way to contain and repair the damage in the event of an incident.

Data from Webtorials study: “Doing Battle with Advanced Malware” 

Summary

While a good portion of enterprises are aware of advanced malware and consider it a huge or significant concern, many do not prioritize it when it comes to security. The majority of the prevention budget goes toward detection-only tools that offer no solutions for stopping and eradicating malicious code that has already gotten in. Even though enterprises don’t seem to experience a massive volume of advanced malware incidents each week, they spend a substantial amount of time resolving the few that they do get. Currently, sandboxing is still the most commonly used tool to identify malware, but alone it cannot alert a business to network threats with complete accuracy or speed, nor stop them once they have been identified.

To not only preempt but also mitigate advanced malware, enterprises should take an integrated and layered approach. In addition to detection, it is crucial to have a way to halt an infection and clean up any damage it may have caused. Together with traditional network security solutions, new multi-faceted tools can create a holistic, comprehensive approach to halt advanced malware and other threats before serious harm can be done.

For more information on advanced malware, and more solutions to fight it, read Webtorials’ “Doing Battle With Advanced Malware” survey.

 
