A Defensive Approach in Cybersecurity is the Need of the Hour

Going by the adage “Prevention is better than cure”, it’s high time we adopted the defensive approach in cybersecurity.

Ask any sensible cybersecurity expert and he could endorse the view that it’s the defensive approach that works the best when it comes to cybersecurity.

Kicking off the 2018 Black Hat Conference, Black Hat founder Jeff Moss mused, “…attackers have strategies, but defenders only seem to have tactics.”

Well, this is not how it should ideally be. We need to work out a total shift, from the offense to the defense, when it comes to cybersecurity. That alone would help us stay afloat in today’s world, in the times of ever-increasing sophisticated threats and cyberattacks.

Coming back to the Black Hat Conference, which took place in August, Parisa Tabriz, director of engineering at Google, too seemed to echo these points in her keynote address. She stated, rather emphatically, that it’s high time organizations stopped playing “whack-a-mole” with their security. She was referring to security experts responding to threats only after they emerged.

CSO had reported, in August, “Tabriz explained what Google is doing to improve security. She used the analogy of security experts playing the carnival game “Whack-a-Mole,” responding to threats only after they’ve emerged. Real progress comes from a more collaborative, and strategic approach to defense.”

Tabriz is right in pointing out that in today’s interconnected world, it’s really important that we turn more strategic and collaborative when it comes to defense.

In a recent article in Forbes Custom, Bob Grossman discusses, in the light of the present situation, such thoughts shed by key speakers at the Black Hat Conference. Bob points out how audio video platforms, as well as enterprise networks and endpoints, are vulnerable to malware. He explains, “In particular, audio video platforms, which are used by companies of all sizes, are particularly vulnerable to malware. Every day, an estimated 350,000 new malware samples emerge [AV-Test], ready to infect enterprise networks and endpoints. The industry benchmark of 99% effectiveness — even for AV solutions built on AI — leaves the doors open to thousands of viruses, trojans, worms and other malicious code.”

Bob speaks on what needs to be done; he says, “Companies of all sizes — and the AV vendors that serve them — need to rethink their approach to combating malware.”

The Forbes Custom piece dwells on how “detect-remediate” had continued to be the dominant paradigm ever since the first viruses appeared decades ago and how it needs to change. The article further states, rather emphatically, “But detection does not equal protection. Detection relies on prior encounters with malware, via signatures for known malicious codes. Detection-centric approaches, even with AI, don’t protect businesses against unknown malware.  Actual protection stops the onslaught by combining intelligent detection with auto-containment of unknown files.”

Bob Grossman observes, “The key is to keep users productive, while allowing for the opening/execution of unknown files and executables in a virtualized setting, with cloud-based threat intelligence in place to quickly deliver a final verdict as to whether the files are malicious or not.”

The moral of the story is, in today’s highly complex cyber landscape, to emerge as real winners, cybersecurity experts should focus on actively building their defensive lines.

Yes, we need winners in the game of cybersecurity…real champions who’d beat the cybercriminals by consistently playing defensive!!!