The internet of things (IoT) will put pressure on enterprise security because attackers will have more delivery...
vehicles for malware, says security firm Proofpoint.
“Attackers will exploit the low-hanging fruit of all the devices with full operating systems that are not being patched and managed from a security point of view, Proofpoint chief executive Gary Steele told Computer Weekly.
With an almost endless supply of new IP addresses to compromise, attackers will be able to get round IP reputation-based security systems relatively easily, said Steele.
That, coupled with the increasing use of zero-day threats to bypass signature-based security systems, means enterprise security strategies will have to deal with these new threats, he said.
This means enterprises will need to ensure they have some form of sandboxing technology as one of their defence layers to identify and deal with malware that has not been seen before.
Enterprises should also expect malware to get through, so they must be able to identify malicious activity and shut it down quickly, he said.
Read more on the IoT
“For this reason, a lot of what we are doing at Proofpoint is focused on reducing the time to remediation after a security event through automation,” said Steele.
This approach is gaining traction as the number of incidents that organisations are faced with has increased dramatically.
“But most businesses are unable to increase the size of their information security teams, and therefore need to apply technology to increase the efficiency of their response to security alerts,” he said.
Proofpoint believes cloud computing is essential to enabling enterprises to achieve greater security efficiencies with lower cost of ownership.
“Cloud-based systems are typically easier and faster to deploy, they require less management and the increased compute power enables dynamic sandboxing and malware analysis to boost detection capabilities,” said Steele.
Proofpoint couples these cloud-based capabilities with remediation capabilities and the ability to protect enterprise uses from malicious email links, whether they are on or off the corporate network.
“If our system detects a potentially malicious embedded link, that link is rewritten before the email is delivered,” he said.
“That means that if the recipient clicks on the link, they will be redirected to a cloud-based evaluation service, which will allow the connection only if the destination is not malicious.”
Proofpoint recognises that most enterprises have heterogeneous IT environments, said Steele, and therefore designs its products to integrate with most other security products.