Why Reactive IT Security Practices Don’t Work Anymore

IT-securityJust a few years ago, computer security revolved around discovering attacks after your system had already been breached and taking steps to remove malware and viruses—hoping that they haven’t already caused devastating damage. Getting a virus was a pretty common problem. Security programs aimed at removing known threats after discovery.

But today, this reactive approach to security just doesn’t cut it. Malware, spyware and other threats are far more advanced and capable of stealing your personal data in a matter of seconds. You won’t have time to realize you have a virus before the damage is already done. You must be proactive about your security.

Both costs and threats are skyrocketing

The average annual cost of cyber crime increased by six percent between 2011 and 2012, reaching about $8.9 million. That’s no small chunk of change to think about handling after the fact. Many of today’s enterprises would experience significant financial distress after a loss of that magnitude. And many companies are experiencing attacks at some level practically every day.

There are also a variety of types of attacks hitting today’s corporations. Malware, SQL injection, DDoS, advanced persistent threats (APTs) and many others make it increasingly difficult to adequately detect and remove threats after they occur. In fact, it’s far easier to take preventative action. AV-TEST Institute, an independent IT-security research institute, registers about 200,000 new malicious programs every day. And that’s just malware.

An increased use of cloud computing services brings about new threats; likewise, a rise in BYOD policies and mobile computing open more access points for hackers. Companies are using more third-party applications than ever before, and some aren’t conducting adequate security testing before employing those programs. The reactive approach to security just doesn’t work to protect your enterprise the many threats out there today.

Application Whitelisting is an adequate proactive approach

Application whitelisting is one approach to reactive security that works two steps ahead of potential threats. Instead of allowing applications and websites to enter a company’s security perimeter and finding out later that those permitted applications and sites contained threats or vulnerabilities, whitelisting allows only pre-approved applications.

Using this strategy, you can be certain that every website and application accessed by any user on the company network is safe. This is impossible to accomplish using a blacklisting approach. Whitelisting is so effective that even Microsoft began offering whitelisting capabilities to its operating systems with Windows 7.

For enterprises, combining the whitelisting approach with solutions such as Vendor Application Security Testing (VAST) provides a comprehensive security measure that prevents unauthorized programs from accessing your infrastructure, potentially gaining critical proprietary data. VAST analyzes the source code from any application, evaluating it against your corporation’s existing security rules. Using this approach to first verify the security of any new application before deciding to whitelist a program provides a level of security that wasn’t achievable with the reactive practices many companies have traditionally employed.

If your company has been taking a reactive approach to security, you’re leaving your data vulnerable to hackers and cyber criminals. You can’t afford a $9 million loss, so start taking steps to protect your security perimeter with comprehensive, proactive security solutions.

 

Fergal Glynn is the Director of Product Marketing at Veracode, an award-winning application security company specializing in Veracode rootkit removal tool and other security breaches with effective risk assessment tools.