As we round out 2018 one thing is apparent. While some organizations are getting better at protecting themselves using a variety of tools, new infections are occurring at an ever alarming rate, nothing in 2018 has changed.
Most Technology is still reactive
Although we are seeing new technology emerge that can proactively protect networks from attack, largely organizations are still utilizing old methods of detecting but rarely if ever can protect against targeted attacks. Sure commodity malware is stopped by the latest IPS systems, but targeted malware is not detected due to the manner in which companies utilize intelligence to protect networks. Most if not all of the top products are still protecting networks utilizing indicators of compromise (IP addresses, domains, hash sets, etc.) which typically only tell you there is a problem after the fact. Companies are spending record amounts of money on cyber security "protection" yet they are still being breached. The problem is that no amount of money can adequately secure a network and utilization of IOC data will always put companies in a reactive mode unless they can automate the protection utilizing this data proactively which most companies have failed to do.
The only way to stop this trend is to stop the bleeding. Here are some tips on what Jigsaw Security has done utilizing the Jigsaw Threat Mitigation Model (JTMM) to help our MSP clients top the bleeding.
Stop using IOC's for protection
Proactively block known bad IOC's but don't rely on this to prevent infection
Utilize behavior and heuristic detection to stop targeted threats
Monitor, log and use analytics to make near real-time decisions
Reset bad communications - interrupt the session if something is malicious
In short IOC's are always gonna be after the fact and reactive, you can do better than this by utilizing known data from previous compromised systems and entities. This entity based data is applied first dropping known bad domains and sources. Once you have blocked the commodity and widely known malware, the next stop is to apply intelligence algorithms to drop targeted, never before seen malware that was written to attack your organization. This is done with AI and machine learning as well as heuristic detection (Jigsaw FirstWatch).
Saving the Industry
Unless the industry stops utilizing outdated techniques to protect themselves, nothing will improve and attacks will continue to get worse. Year over year the industry keeps doing the same thing over and over expecting change, and well you know what they say about repeating the same mistakes and expecting a different result... INSANITY!
The Jigsaw distributed method of protection ensures that companies are protected against known and unknown threats utilizing the latest AI and technologies to reset malicious communications thereby dropping the connection and keeping the bad actor out of your network.
To learn how to do this and how to apply the JTMM in your network, reach out to a Jigsaw Security sales or engineering team member to talk about how Jigsaw can put you in front of the competition and make your network as secure as possible using protecting technologies instead of repeating the same insanity that we are seeing across the industry. You see Jigsaw Security get's paid when we are successful in stopping threats whereas our competition want's to come in and clean your infection all the while charging you 2 to 3 times the normal consulting rate. In short they don't want the infections to stop because that's how they make their living and take advantage of customer misfortune.
Before you spend another dollar on an inferior solution, get a demo of the Jigsaw Security solution today!