External Threat Management

The Battle Has Moved to the Endpoints and Beyond

The digital threat of web-based malware has caused a shift in investment in 2015 toward perimeter-based security systems that focus on detection and response rather than prevention, explains Ericka Chickowski, reporting on recent Ponemon findings in Dark Reading.

The survey, based on the responses of over 700 IT and IT security practitioners, shows that an astounding 95% of organizations reported that they are moving from prevention to a detect-and-respond-based approach to security. It also found that 80% of the respondents consider web-borne malware their most frequent attack vector and 68% of organizations represented consider endpoint security a higher priority in 2015.

But what exactly constitutes the perimeter these days? Does it end at the cloud services? Does it end on web servers and routers? Is it employee devices? What about digital assets like websites, mobile sites, mobile apps, etc.? Who's guarding them?

The best security programs will have strategies for all of the above in 2015 and beyond.

Adding to the complexity of the challenges sitting on a CISO's desk are modern trends in malware like malvertising, which targets individuals, and shadow IT, which creates huge knowledge gaps.

As reported in CSO Online, only 8% of companies know the scope of shadow IT at their organizations. Experts from the Cloud Security Alliance point out in their findings that companies typically underestimate their usage of cloud services by a factor of eight.

Shadow IT can mean that a massive array of public-facing assets is connected to the web without having been properly accounted for or secured. These assets make great targets for malware authors and cyber thieves looking to launch attacks on customers.

Another threat vector where attackers are finding a footing is malvertising. Even the world's largest and most technically advanced ad exchange is vulnerable. One particular malvertising campaign that had been running since mid-December was recently uncovered on Google's AdSense Platform.

The point is that the enterprise perimeter is now well beyond the confines of a corporate datacenter, and so are the digital threats. The bad news is that no silver bullet exists to counteract these digital threats.

At this point, it's anybody's best guess as to who the next targets will be and through which threat vector the next attack will run. Therefore, the perimeter is a critical area to factor into any risk equation. On the Internet -- where websites, mobile applications, mobile websites, etc. collide with customers and cyber thieves alike -- the risks are substantial.

While organizations may be adding solutions to their arsenals to combat digital threats at the endpoint, they may want to consider what else constitutes their perimeter. Is 2015 the year to wrest back control over the sprawl of digital assets and rein in shadow IT? Is it the year to proactively counteract outward-facing threats targeting users rather than waiting for complaints to come pouring in or the media to find out? Let's hope so.
