February 16, 2016
Why traditional antivirus isn’t enough anymore—and how to think beyond it.
In 2013, Chinese hackers conducted a four-month cyberattack on the New York Times. Despite having an antivirus system on its network, the newspaper missed 44 out of the 45 pieces of custom malware installed by the attackers.
Here we are in 2016, and security breaches are steadily on the rise for companies and organizations large and small. CNN Money estimates that nearly 1 million new pieces of malware are released every day, and cybercriminals are becoming more sophisticated and cagier than ever. (Source: http://money.cnn.com/2015/04/14/technology/security/cyber-attack-hacks-security/)
What was true three years ago is even truer today: While antivirus technology is still an important basic precaution, it’s just that—basic protection. It’s simply not sufficient to prevent hackers from infiltrating your network.
So what exactly are the limitations?
Traditional antivirus technology, which consists of a firewall, file scanner and removal tools, is designed for blacklisting—identifying bad files and known malware and stopping them. However, this technology is not designed to address the customized malware that accounts for most data breaches nowadays. Sophisticated hackers, like those who infiltrated the New York Times network, wrote new exploit code that no antivirus product had seen before.
Social media and cloud complicate security matters.
Even if antivirus software could detect and deter every virus, individuals and companies still would remain vulnerable to the growing number of attacks targeting social media accounts, cloud services and mobile devices. These attacks often involve cybercriminals hijacking a social media profile in order to send out spam advertisements or links to dangerous websites—and the actions are often carried out entirely on a web browser, not by viruses installed on a computer. With cloud computing, the data stored in the cloud resides outside the protection of a company’s antivirus software.
When an attack happens, you need to be ready.
If you’re concerned about the growing incidence of cybercrime and the security of your IT infrastructure, you should strongly consider advanced malware protection (AMP) like the solutions offered by Cisco.
Built on a wealth of real-time threat intelligence and dynamic malware analytics, Cisco AMP is designed to protect your IT infrastructure (Windows operating systems, Macs, Linux, mobile devices and virtual environments) at all times—before, during and after an attack.
- Before an attack, Cisco AMP uses the best global threat intelligence to strengthen your defenses.
- During an attack, AMP uses this threat intelligence and file analysis technology to block malware that’s trying to infiltrate your IT environment.
- After an attack, AMP monitors all files and network activity to catch malware that may have evaded initial detection and provides the visibility and control to rapidly remediate it.
Cisco AMP is reactive and proactive.
It not only prevents security breaches from happening, but it also rapidly detects, contains and remediates threats if they evade front-line defenses—cost-effectively and without interfering with the efficiency of your operation.
Thanks to ongoing intelligence 24/7, Cisco AMP gives you the benefit of 1.1 million incoming malware samples per day from 1.6 million global sensors. These samples are analyzed against more than 400 behavioral indicators to help the Cisco security team prioritize responses. So you have experts working behind the scenes to help ensure the security of your IT infrastructure.
Ready to take the next step?
If this sounds like the kind of cyber protection you’re looking for, let’s talk. As the old adage goes, an ounce of prevention is worth a pound of cure.