Enterprises are increasingly being targeted with advanced malware, and those with critical infrastructure or supporting critical national infrastructure are primary targets.
Targeted cyber-attacks, once believed to be the key ingredients of sci-fi hacking movies, are increasing by the day in the real world and are being carried out by exploiting unique organisation-specific vulnerabilities.
We speak with Mark Gazit, CEO of ThetaRay, on how enterprises can better equip themselves to defend against the evolving threat landscape.
Techie News: How has the threat landscape differed year-on-year?
Mark Gazit: The threat landscape has been evolving and becoming increasingly sophisticated — both on the cybercrime front, where actors are driven by monetary gain, and on the targeted attacks front, where adversaries can be professional criminals or even nation state actors.
Today’s attacks involve better planning, use more unknown malware, and involve advanced hacking skills. We are also seeing phenomena like Hacktivism become part of the mainstream landscape, and evolving into a threat that has become a concern to every organization and critical infrastructure operation.
TN: What advice do you have for businesses using Windows XP devices?
MG: They should be aware that their inability or unwillingness to upgrade their operating systems exposes them to threats they can’t even imagine.
Their security issues will not only grow with time, but worsen and remain unpatched, making it easier for attackers to exploit and breach their networks.
Of course, our first advice would be to upgrade, but that can be very challenging for organizations that are unable to shut down certain systems for an upgrade.
In such cases, the only other way to handle the situation is to estimate the potential damage from an attack (unplanned downtime can cost up to $8 million per day in certain sectors), plan the upgrade properly and, in the meantime, secure the organization with solutions that can detect unknown threats even after they have already infiltrated the organization.
TN: What kinds of threats are enterprises typically faced with & how does ThetaRay cater to secure against these threats?
MG: Today’s enterprises are faced with two types of threats – those coming for their employees’ bank accounts, and those coming for the company itself (stealing from bank accounts, intellectual property theft, causing disruption, inflicting destruction).
These threats have been plaguing organizations of all sizes for a few years now. The problem is that, more than ever before, attackers are using unknown malware and leveraging legitimate software and OS properties against their victims, which makes it nearly impossible to detect attacks.
The more time an attack remains undetected, the more damage it will end up causing. What ThetaRay does is use hyper-dimensional big data analytics in solutions that uncover unknown cyber and operational threats within minutes.
ThetaRay’s detection platform has the unique ability to monitor and simultaneously analyze all security and operational anomalies across multiple protocols and environments, enabling industrial and financial entities to detect and defeat threats before any damage can occur.
TN: What should they be doing to better protect their company?
MG: At this point, I think every company understands that its reliance on technology calls for an understanding of security for that environment, for its digital assets and for its customers.
To better secure themselves, companies, according to their size and budgets, should have a focal point responsible for IT security.
Their employees should be educated about risks, what security means, and how they can contribute to securing it. Employees have been taught to recycle; there is no reason they can’t help secure their IT and OT environments.
TN: What are the different industries doing to better secure themselves from potential attacks?
MG: Different industries are using a number of in-depth defense methodologies to better secure their organizations.
The typical setup involves layers of security that can include perimeter defense, anti-virus software, IDS/IPS solutions, and then the most crucial part – which is where too many fall short – deploying a solution that can find threats even after they have made it into the networks.
Finding those unknown threats can mean the difference between suffering an APT attack and discovering it in time.
TN: What, if anything, can be done on a government level to prevent an increase in enterprise IT security threats?
MG: When we talk about government, we’re talking about regulation and compliance. I think that governments all over the world understand the importance and impact of cybersecurity on their economies, and have been taking steps to guide organizations towards a more resilient security posture.
Some nations have already inaugurated national cybersecurity centrals to monitor their country’s cyberspace and handle issues raised by security vendors and local organizations.
The more the government provides information, enacts strict regulatory controls, and incentivizes organizations to deploy better security, the better it can help prevent an increase in enterprise security threats as a whole.
TN: Will the BYOD trend make malware a bigger issue for enterprises?
MG: BYOD has already made malware a bigger issue for enterprises. The fact that a sudden and uncontrollable stream of new devices has now entered a previously controlled environment makes it very hard for the security team to keep it secure.
The next big issue is how people use their own devices, which is far more lax and personal than the way they would ever use an employer’s device.
Here you see behaviors like jailbreaking phones, browsing over open WiFi, using outdated and vulnerable apps, and downloading games with concealed malware or data leaking components that could easily result in a malware infection on the device.
The prevalence of Android-based devices, combined with the fact that 96% of all mobile malware plagues this operating system, makes for a potent cocktail that can easily let malware into an enterprise.
TN: What should we expect from ThetaRay over the next year?
MG: We are preparing to announce the release of our solution, which will then go into general availability later this year. We are also speaking with a number of potential customers and investors, and look forward to a busy year.