'Integrate security tools with advanced threat prevention solns'

BANGALORE, INDIA: Indian enterprises are not insulated from cyber attacks. The internet knows no boundaries, and business borders have disappeared. Technology has enabled the explosion of information beyond four walls, and the rapid entry of smart devices means the office can be anywhere.

The best example being Stuxnet which targeted sensitive information by exploiting a zero-day vulnerability in order to infect machines through removable drives. India was home to the third highest Stuxnet infections, after Iran and Indonesia. Stuxnet and Duqu — which broke out late last year - represented true incidents of cyberwarfare and have fundamentally changed the threat landscape. The nature of the threats has expanded from targeting individual bank accounts to targeting the information and physical infrastructure of nation states.

This is because, while data is the most valuable asset in any organization; unfortunately it is also the most vulnerable. It is not the infrastructure but the information that resides within the infrastructure that is most vital today. Moreover, with the increase in the number and mobility of endpoints, security is a topic that is always top-of-mind for businesses. As cyber criminals become more proficient and data breaches continue to make headlines, CIOs/CISOs are consciously taking efforts to secure sensitive information such as customer data, trade secrets, intellectual property and corporate data. Furthermore, compliance to globally recognized industry standards is a reflection of a transparent business.

ALSO READ: Endpoint security: Best practices for CIOs

Adding to this, threats are not only growing in volume and complexity, but security is becoming much harder as well.

Earlier, most organizations would be required to protect desktops, servers and the network. Today, the office can be anywhere — the use of smartphones, tablets and the increasing work-from-home culture is leading to a proliferation of endpoints that each organization needs to manage. This means even as there are newer, more targeted threats to secure themselves from, enterprises have a sudden surge in the number of devices that they need to protect.

Furthermore, endpoints are just the medium — attackers today are going after confidential information that they can exploit to bring a company down or profit from. Bring cloud computing and virtualization into the equation, and this is a security catastrophe just waiting to happen!

How can organizations protect thousands of endpoints from millions of threats?

As confidential information increasingly comes under attack, it is becoming evident that the current security measures are not enough. The most important line of defense is endpoint protection as endpoint devices - from laptops to desktops, tablets and smartphones, for example — are one of the first entry points for malware. To prevent the threat from entering the network in the first place, enterprises need to secure the endpoint. Endpoint security serves as a gatekeeper of sorts, stopping threats before they can cause irreparable damage.

However, as the threat landscape shifts from low-impact threats with a wide distribution to high-impact, narrowly distributed threats, traditional methods of detection aren’t good enough. That’s why we (Symantec) are building on technologies such as reputation. Reputation technology detects new malware faster and more accurately, by assigning a score for nearly every file in existence — good or bad — based on various parameters such as age, download source and digital signatures. It also supports virtual environments and allows for faster, more responsive systems, which can in turn support greater density of virtual instances.

It is essential for organizations to integrate security tools with advanced threat prevention to defend against malware for laptops, desktops and servers and reduce the administrative burden of protecting endpoints against known and unknown threats.

Once the endpoints are secured, enterprises need to ensure that information is protected. - whether it is at rest, or in motion between multiple mobile devices and the cloud. Enterprises need to protect their most critical information — their “crown jewels” — by identifying and prioritizing what is most important.

(The author is managing director, India and SAARC, Symantec)