A number of companies nowadays seem to be unperturbed by the rash of malware attacks that have occurred in recent months. Even certain system administrative and security tools have been compromised in incidents of new-generation malware wreaking havoc in various countries worldwide.
Email security provider Proofpoint, in its quarterly report, cited: “Threat actors appeared to double down on smaller, more targeted campaigns with banking Trojans and information stealers. At the same time, mobile and social threats continued to evolve, drawing more people to phishing pages and malicious software.”
During the first quarter of the year, more than four times as many new ransomware variants showed up, compared to the year-ago quarter, the report detailed. Email-based attacks featured a mix of malicious URLs and attachments, a departure from massive incidents in 2016 that used attachments alone.
The question that comes to mind is what priority measures are key decision-makers doing to protect company information from further security breaches and cyber attack incidents. American startup specializing in endpoint security, Barkly, reported that around one-third of organizations whose IT heads were sought for comments do not regard the presence of malware an extremely serious matter until damage has become quite evident.
Notwithstanding gaps in their security, IT professionals handling the crucial task of keeping their organizations secure from cyber threats and other malicious intrusions do not seem inclined nor poised to implement major changes in their institutions’ cybersecurity practices. Among those surveyed, only less than half said that a malware incident successfully executing would prompt them to switch solutions.
Why is this so? A number of factors may account for some organizations’ decision to refrain from investing on resources to prevent recurring or future cyber attacks. Beyond constraints in resources, there is the prevailing attitude that “infections are inevitable” and the IT professionals from the organizations surveyed assume that restoration of systems after cyber attack can be done anyhow. For computer systems penetrated by ransomware, mitigation measures like backups can restore encrypted data.
Most of the IT professionals adopted a reactive mindset. They were more likely to take a reactive attack response rather than proactive prevention. Nonetheless, it does not mean they were not mindful of tools that can be an invaluable asset to a business enterprise.
To protect their organizations from cyber attacks, IT professionals fortify their defenses and institute policies, including guiding employees to veer away from hubs for cyber criminal activity. A layer of protection may be a product that scans incoming and outgoing internet traffic and identifies threats. Opting for the best paid VPNs may also help individuals or firms avoid exposure of sensitive information.
The current priorities organizations buckle down to are:
- cleanup of infections such as malware successfully executing
- quick response to successful infections
- blocking of malware during runtime
- prevention of malware executing
- prevention of malware landing on endpoints
Chief technology officers and cyber security specialists acknowledge that while malicious software and methods used by cyber criminals have become more sophisticated, combating them entails resources and even a revamp of existing structures. While most may opine that not every malicious intrusion can be nipped in the bud, it does not mean organizations are not keen on using preventive measures.
The tack that organizations are using is to zero in on impending attacks as close as possible at the point of infection, before considerable and irreparable damage is done. In any case, having a strong plan to protect an organization and its assets from cyber attacks still remains fundamental.
[su_box title=”About Lisa Froelings” style=”noise” box_color=”#336588″][short_info id=’103305′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.