Advanced threats can take many different shapes shown by ransomware and threats like Stuxnet, but the reason for the threat is the same, to compromise assets. What the malware then does from that point changes based on the intent of the malware writers two extremes, let everyone know you are there to demand a ransom, or take a stealthier approach to steal data overtime, which then either gives direct financial gain (via something like a ransom) or the ability to sell the intellectual property for financial gain.
Advanced threats are not new in the industry, we’ve seen them since the 1980’s.
It is the sheer quantity of new threats and the speeds in which the malware creators are able to change malware and create a new unknown variant. In organisations today it is also the IT team’s responsibility to protect a whole range of devices from the traditional desktop to employee’s smartphones.
Traditional anti-virus vendors products were not designed for today’s threat landscape. They do a great job of what they were designed to do – removing known and common malware – but are unable to stop advanced threats in their tracks, which has led to a whole host of additional technologies to try and prevent, detect and respond the threat.
Our belief is if you want to stop advanced threats in the environment, you first need to understand the environment as a whole and the different attack vectors that are required to be protected, from the traditional gateway to the mobile devices, including user’s smart phones.
We work with organisations of all sizes to understand their security posture, performing GAP analysis and then work with the organisations to implement processes and technologies to mitigate the largest risks first, those risk mitigations can range from user training to locking down endpoints to prohibit users downloading .exe’s etc.