Malware is a broad term that encompasses any form of software designed to damage, steal or corrupt data. Ransomware, trojans, worms and rootkits are common malware examples, but the list is far more extensive, making fighting malware a normal part of operations for SMBs and corporations alike.
A recent cybersecurity report indicates that more organizations are coming under attack with very costly consequences. One in three businesses hit with malware in 2016 experienced a 20 percent or more revenue loss. A separate report found that one in five companies targeted by malware will go out of business (this is especially true for SMBs). Despite the documented and highly publicized threatscape, 90 percent of companies invested more heavily in IT security in the aftermath of a breach.
Five Ways to Mitigate Risk Now
Being proactive against malware isn’t just a good idea; it’s a business imperative mandated by due diligence and compliance, and Cisco’s report outlines five steps for doing so. In this white paper, Cisco advises:
- Fortify the Perimeter
Address threats as close to the network perimeter as possible to prevent malware from reaching endpoint devices. Implement a network-based security solution to utilize cloud and onboard sandboxes for evaluating potential threats.
- Protect Inside the Network
Choose advanced protection that looks for malware on network segments that store sensitive technology assets.
- Protect the Endpoints
Ensure strong defense at each endpoint, and don’t rely on perimeter security for blocking all threats. Endpoint protection must include personal devices, even those not connected through the company network.
- Analyze Threats
Keep track of all egress traffic for exfiltration of sensitive data. Command-and-control traffic should also be analyzed for signs of a compromised device.
- Quarantine Malware and Prevent Reinfection
Quarantine and clean infected devices. Track every file on every device to identify patient zero (the first infected victim) and ensure all subsequent infections are cleaned.
Keeping Your Endpoints Protected with One Tool
One cannot begin addressing the threat landscape without considering the risk endpoints bring into an organization. But it can get murky understanding where endpoint protection (EPP) and endpoint detection and response (EDR) begin. Gartner recently pointed out that, “by 2019, EPP and EDR capabilities will have merged into a single offering.” This is a positive for our customers, as it provides a comprehensive set of capabilities within one platform, eliminating the need to manage two different solutions. Enter Cisco Advanced Malware Protection (AMP).
Cisco’s AMP combines malware detection, malware prevention and malware protection all in one. It introduces the latest in global threat intelligence and advanced sandboxing for keeping the most sophisticated malware at bay by:
- Delivering unmatched global threat intelligence to strengthen front-line defenses
- Providing deep visibility into the origin and scope of a compromise
- Rapidly detecting, responding to and remediating malware
- Preventing costly reinfection and remediation scenarios
- Streamlining protection everywhere—network, endpoints, mobile devices, email and web—before, during and after an attack
AMP has been researched by TechValidate, and its findings speak for themselves:
- 86 percent of users agreed AMP for endpoint protection increased their security effectiveness.
- 88 percent of users believed AMP detects threats faster than other security solutions.
- 72 percent believed AMP accelerated overall incident response rate.
AMP has been used by industries all over the globe. Prominent users include Georgetown University, Yokogawa Electric Corporation, TMB Bank Company, HCL Technologies and even the Saudi Arabian National Guard.
The threat of malware requires robust security designed to combat it, and AMP is a powerful tool for threat remediation. Not sure if Cisco AMP is the right fit for your security strategy? Contact one of our security experts to discuss your security profile and better understand the gaps that are putting you at risk. Now is the time to plan – not after the attacker is inside.