Targeted and APT Attacks: The Prohibitive Costs of On-Site Protection


Although targeted and APT attacks are a mainstream security threat (a recent poll by ISACA revealed that 20% of its members had been victimized by an attack, and 66% of its members anticipated an attack sooner or later), the surprising fact is that many organizations are unprepared to deal with these targeted and persistent threats.

Why is this so? Is it because organizations aren’t aware of the severe and often permanent damage that targeted attacks can inflict, or the fact that these attacks can endure for months — or even years — before they’re identified?

For some organizations, the answer to the first of these questions is yes. They haven’t yet grasped the new reality where targeted and persistent attacks are a matter of “when” and not “if”, though recently an increasing stream of alarming high-profile media stories is jarring some of these organizations into action.

However, many other organizations are facing a different situation. They know that they need protection from targeted attacks, and require no convincing or frightening case studies (that read more like horror stories). So what’s stopping them from taking effective action?

For starters, organizations that want to deploy on-site advanced malware systems must purchase extremely expensive appliances. Plus, these appliances demand a lot of implementation and integration work.

And that’s just the start. Once the on-site advanced malware system is deployed – and it’s a complex, time-consuming initiative – there are ongoing, expensive maintenance fees.

And on top of this, organizations must invest heavily in staff training — and often hire new specialized employees — to ensure that the on-site advanced malware system is regularly audited, and is working effectively with other security system components, such as firewalls, IPS, IDS and Secure Web Gateways.

Once all of these items are added up, it’s simple to understand why many organizations are hesitating to take action. It’s not that they don’t know how devastating targeted and persistent attacks can be; it’s that they can’t justify spending excessive amounts, especially in today’s volatile global economic climate. Fortunately, there’s a new and better alternative: head for the cloud!

Cloud-based APT detection solutions require little capital or IT infrastructure expenditure – because they aren’t on-site. Instead, they reside in the cloud and scan botnet traffic and customers’ traffic logs for indicators of compromise. If an infection or a breach is detected, organizations are immediately and proactively informed via a secure web-based dashboard and email alerts. Plus, the results can be integrated into existing security solutions to block, quarantine or remediate the malware. And since cloud-based APT detection solutions are designed to be very “user friendly,” organizations aren’t forced to invest in costly training, or hire new specialized IT security staff. Set-up is also immediate, and because traffic does not need to be redirected through the solution, there is no concern about network interruption or downtime.

Ultimately, cloud-based APT detection solutions are the most cost-effective solution for organizations that want a superior level of advanced threat protection that protects every aspect of their network, including remote employees, BYODs, partners and even their customers.

