SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Malware
#
CIOs
When it comes to malware, think like James Bond and trust no-one
Fri, 8th Oct 2021
FYI, this story is more than a year old
By Jonathan Andresen, Senior Director of Marketing, Bitglass
Follow us

Anyone who has ever watched a Bond movie will know that James Bond has a trust complex. Whether it's M, MI6, or a femme fatale – Bond always gets into trouble when he trusts the wrong person.

Arguably though, it's his ‘trust no-one' instinct that's kept him alive through 25 films.

And much like the omnipresent Spectre, cyber-crime continues to adapt and innovate with lethal effect. The recent spike in ransomware attacks over the past six months demonstrates cyber-crime's increasing sophistication.

Thousands of new strands of zero-day malware are created every day, and signature-based protections which rely upon reactive catalogues of threats can't keep pace. Likewise, sandboxing files to diagnose them takes time and can fail to identify sophisticated malware that knows when it is being evaluated.

Without an up-to-date security framework in place, user credentials can be compromised, and sensitive data can be stolen through internal negligence or malicious intent.

Cloud applications and bring-your-own-device (BYOD) can serve as proliferation points for malware when they are not properly secured. Unprotected personal devices can upload infected files to corporate SaaS applications, which can then spread malware to other devices and connected apps.

That's where Bond's ‘trust no-one' approach comes in and why it's so important to implement a zero trust security model.

Unlike traditional approaches where an attacker can exploit cyber-weaknesses upon gaining access inside a network segment perimeter, zero trust treats the identity of each user, application, device and data stream as its own independent ‘perimeter,' allowing granular access policy enforcement.

As a result, rigorous security enforcement continues even if hackers compromise a corporate network — malware is blocked from traversing between user accounts, devices, applications and networks.

According to the 2021 Bitglass BYOD Security Report, 41% of organisations rely on endpoint malware protection for BYOD. However, this approach is not ideal for personal devices which are hard to control and manage.

Cloud-based malware protection tools are often a far better fit but are used far less often. Unfortunately, 30% of organisations don't protect against malware for BYOD at all.

Implementing advanced threat protection (ATP) as part of a zero trust SASE architecture is an important step in proactively blocking known and zero-day threats. Artificial intelligence, behaviour-based protections and integrating a choice of best-of-breed vendors ensure fast and robust threat protection across all types of apps, devices, and infrastructure.

So when you're watching the newest Bond film ‘No Time to Die', think about how different the world would be if we could finally defeat cyber-crime – with advanced technology and a little less trust.

Related stories
Half of online traffic in 2024 generated by bots, report finds
Axis unveils hybrid cloud platform for adaptable security solutions
Keeper Security launches user-friendly passphrase generator
Understanding the key to boosting cybersecurity habits: Kaspersky study
Spirent partners with online payments platform to boost cyber defenses
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services