Posted on 26 January, 2022
OWASP PUBLISHES THE TOP 10 WEB APPLICATION SECURITY RISKS EVERY YEAR. IN 2021, A NEW CATEGORY WAS REPRESENTED FOR THE FIRST TIME: SECURITY DESIGN. IN THIS BLOG ARTICLE, WE EXPLAIN WHY COMPANIES NEED TO BREAK NEW GROUND IN IT SECURITY AND HOW VMWARE IS USING INTRINSIC SECURITY TO INCREASE RESILIENCE AGAINST CYBER THREATS.
It was not obvious for many years. The pandemic has made it visible. A virus in the analogue world has accelerated the digital transformation and the shift towards cloud and edge computing and modern workplace models with mobile and remote desks. And it has shown how vulnerable the IT services of many companies around the world are. A myriad of different security solutions and distributed responsibilities (silos) have done more harm than good to corporate security.
In modern companies, however, the processes and interrelationships are now so complex that hardly anyone can keep track of them anyway. It is therefore not surprising that human shortcomings such as broken access control, misconfigurations, outdated components or identification and authentication failures are also among the top 10 security risks in 2021. Therefore, shifting the responsibility for security to the individual employees is the completely wrong path.
VMware is taking a new approach to IT security with Carbon Black Cloud. Instead of only reacting to threats, VMware relies on AI and Big Data. VMware's intrinsic approach is not a product. The goal is to take the responsibility for IT security away from the individual employee. It takes place continuously and transparently as a process in the background. We explain this using the example of virus scanners.
DON'T GIVE RANSOMWARE A CHANCE
Malware is a major threat to businesses. Malicious code can enter the enterprise through many routes. It often hides undetected for many weeks or even months in a company before it is executed. Most security tools are signature based and only protect against known malware. That leave businesses at risk and vulnerable to zero-day or sophisticated attacks.
Another major risk is the time factor when updating signatures. The time span between the discovery of a vulnerability, the creation and delivery of a signature and the installation of an update allows attackers to penetrate the company network undetected and cause harm.
Very often, there is also no central management of all security products used in the company, which leads to further attack surfaces.
Remote endpoints and edge devices are particularly vulnerable. They cannot hide behind a central firewall or virus scanner. The visibility in public networks makes it easy for attackers to invade. Affected devices are detected much too late and can cause great damage. In order to take appropriate measures, many actions are usually necessary and not infrequently several departments are involved. Read our blogpost on the vulnerability of the Anywhere Workforce.
Intrinsic security involves the continuous monitoring of the behaviour of all devices, end points and data flows, including the internal traffic. The data collected in this way is continuously analysed in real time, put in relation to each other and to historical data, and compared with behaviour that has been learned to be harmless. At the slightest deviation from the behaviour learned as normal or the smallest irregularities, automatically measures are taken. These measures range from alerting security officers to quarantining affected endpoints or completely blocking entire network sections.
All intrinsic security benefits with VMware Carbon Black
- Investigates attacks in real time
- Consolidates the management of multiple prevention needs a single product and console
- Protects from known and unknown threats incl. Zero-Day-Attacks or Advanced Persistant Threats (APT)
- Easier investigation into security incidents and faster mean time to resolution (MTTR)
- Secures your business on-premises, in the cloud, in remote and branch offices (ROBO) and the Anywhere Workspace
- Reduces overhead and TCO
- Manages read, write and execute access for USB devices
Learn more about the Anywhere Workspace in our on-demand webinar. Or visit our landing page on intrinsic security from VMware with many useful documents to download.
Read this checklist to find out what else you can do to protect your data from ransomware.