After marketing commercial antivirus software for over 25 years, Symantec Corp. recently announced that traditional antivirus software is dead and traditional antivirus tactics are doomed to failure. They stated that part of the problem is that an increasing number of exploits use novel rather than known malicious code, so signature-based defenses plus the use of heuristics to identify Zero-Day vulnerabilities are no longer enough.
Since it is virtually impossible to stop all cyber-attacks and intrusions, Symantec declared that they are shifting their focus toward minimizing the damage caused by security breaches ‘after the fact.’ Cyber threats are no longer limited to viruses, with multiple types of malware posing their own sets of challenges. Malware is also focusing more and more on mobile devices due to the increasing popularity of the mobile platform, and social engineering is still a common way of breaching security, something that no antivirus or antimalware solution can resolve.
Symantec’s efforts represent a broader shift in the cybersecurity industry, one that is reflected in the newer technologies now being developed. Rather than simply trying to keep hackers out, some current technologies aim to attract hackers using honeypots, and once they have breached the defenses and are behind the firewall, the plan is to confuse them using diversions such as fake data. Others try to make the stolen data more difficult to use. Some scan for malicious code that made it past the initial defenses and use cyber forensics to examine how the breach happened. In the case of Symantec, their focus will be on creating response teams to sell intelligence about specific cyber threats so enterprises can understand why they were targeted.
Other traditional antivirus makers such as McAfee and Intel Corp.'s security unit have moved in the same direction. International Business Machines Corp. recently launched its own Threat Protection System Suite that uses methods such as behavioral analytics to look for irregular computer network behavior to defend against Zero-Day attacks, breaches and general and targeted attacks.
To impose tighter controls, sandboxing has been proposed as one way to monitor information systems inside an organization, but is this really feasible as a general rule? The overhead alone may not be sustainable over the long term, and depending on the rules implemented, this can make life difficult for end users (leading to more help center calls) and would not necessarily protect against malware introduced by removable media, for example, or against data leaks through social engineering.
Just as there are multiple attack surfaces and points of weakness in any network, there must also be multiple points of defense. Since enterprise infrastructures vary widely and every organization has different security requirements, there is no magic bullet, no all-in-one security solution. If dealing with security breaches after the fact is the wave of the future and keeping cybercriminals out is a losing proposition, where does a specialized email security solution like Netmail Secure fit into the picture? Netmail Secure is a policy-based email security solution that integrates leading anti-spam, anti-malware, content filtering, data leak prevention, and encryption to stop inbound and outbound email threats. The one thing that virtually all enterprises have in common is the need for secure email management. Since email is a mission-critical part of doing business, Netmail Secure is and will remain relevant. With many enterprises implementing virtualization, traditional desktop antivirus/antimalware solutions may be less relevant than they were in the past, but a strong security solution at the gateway that provides heuristic and signature-based scanning is always needed to process SMTP traffic and screen messages entering and leaving an organization.
Whether your messaging system is on premises or in the cloud, keeping your data secure and keeping malicious code out will always be a crucial part of keeping your organization’s most valuable assets safe. A solution like Netmail Secure is and will be a relevant means to achieving that goal.