What Attacks Like Home Depot And Sony Tell Us (Information Security Buzz)
If you think that high profile companies like Home Depot, Sony, JP Morgan Chase and eBay don’t have sophisticated cyber security measures, you haven’t been paying attention. Because there are so many ingenious ways into a network, the story is no longer about deflecting the breach (although still important) but rather cutting off malware’s ability to command and control. What these high profile incidents have taught us is that despite layers of defensive protection, there needs to be an active means to prevent these malicious agents from carrying out their programming. The key is faster identification and blocking communication to their source. We know, like in the case of Sony, that the longer an agent can “play” in a company’s infrastructure, the more disruption and data leakage is likely to occur.
Hitherto people have generally assumed that it was possible to keep malware out of a corporate network with the right protocols and products. They have felt that the occasional breach would be caught by antivirus software on an Intrusion Detection System (IDS) before anything too serious could happen. This idea would seem to be almost criminally complacent.
Read the rest of the article at Information Security Buzz