The security landscape must evolve to deal with new cyber threats

Remediation isn't enough any more

Organisations' threat surfaces are growing, increasing their vulnerability to cyber attacks. As well as the traditional physical and software surfaces, the network is increasingly a key part of the business - and one of the most vulnerable.

The adoption of new online technologies like the cloud and internet of things means that the network is a larger target than ever for attackers, open to DDoS, ransomware and good old-fashioned human error.

Social engineering, whether that is phishing or malicious insiders, presents one of the largest threats to a network, making it easy for attackers to move in or for data to be leaked out. Neglecting to address network abuse like this can cause widespread problems for a business.

Traditional security, focused on protecting physical endpoints through an agent, has not kept up with this new threat landscape. The difference comes down to remediation versus prevention.

Remediation is the tactic of post-threat cleanup; for example, attackers that have already bypassed existing security measures like firewalls and are present on the network - probably making themselves known after causing damage. Remediating these threats is an important part of protecting the network, but isn't suited to dealing with threats like ransomware; by the time the damage is found, it's often too late to fix.

‘Prevention is better than cure', as the old adage goes; proactively working to stop attackers from gaining network access is a much safer method of protecting your data than removing those same attackers after they have caused harm. Although cyber security experts today acknowledge that there will always be some bad actors that get through defences, it is still important to have protection in place. Proactive prevention requires technologies that are able to detect and block unknown threats, in order to deal with new strains of malware and ransomware.

Cost is the primary reason that businesses rely on remediation instead of prevention: tools to protect against unknown threats are more expensive. A Dell survey from last year showed that more than half of IT decision makers consider cost to be one of the most significant constraints to adopting new security measures.

In the long run, investing in proactive prevention will often be cheaper than trying to fix problems after they arise - especially if those problems involve locked files and the need to fully rebuild a network to get rid of lingering traces of malware. There's no need to choose between the two approaches; a fast response and remediation is necessary when attackers do get through.

Security, as mentioned above, must evolve to counter modern threats. Proactive prevention helps businesses by avoiding damage to endpoints; reducing or eliminating manual threat removal; reducing downtime; and freeing up staff to focus on other key issues.