Only a few years ago, corporate board rooms across the globe struggled to see the ROI of IT Security. Meanwhile, vulnerability management didn't even exist in their eyes. Thankfully times have changed, and a quick look at the world's biggest data breaches list will be enough to convince any non-believer the delicate situation that is currently affecting all businesses.
Although everyone is finally on the same page, the problem is that our online security has changed very little since the early nineties advised the Invincea CEO and Founder Anup Ghosh.
The castle and moat method to protect corporate networks no longer works. We now access our emails from tablets or phones. You are also more likely to find employees tapping away on a keyboard in a coffee shop or even on a plane rather than sat at a desk in an office.
The preferred method of cyber-attack on an enterprise network is usually through an end point. Malware, Ransomware, and infected attachments are most likely spread through endpoints and signature-based solutions from vendors such as Symantec or McAfee will offer little protection if scheduled scans are not maintained.
The reality for most businesses is that their biggest risk of becoming a victim of cyber-crime will come from their own employees. Spear phishing offers attackers the highest success rates by playing on their curious nature so that they click on a link or download an attachment. Just like a virtual wet paint sign or big red button, somebody will always fail to resist temptation.
Traditional security applications look for known patterns, but if it's a new threat, the old protection methods instantly reveal their weakness. But what is the answer? Anup Ghosh believes that it's a mistake to put this burden on employees who have their hands full performing their own roles.
At Invincea, they are using a combination of AI and deep learning to study variants of malware and benign-ware. This allows their software to detect patterns associated with Malware and to lock it down within eight milliseconds of the user clicking on the affected link.
These deep learning algorithms have the potential to be a complete game changer in the security industry. The system recently uncovered a new wave of ransomware that was also unleashing bots onto the machine to perform a DDOS attack on the network. This two for the price of one threat is another early warning sign of why we need to start thinking differently about security.
Most businesses accept their responsibilities but will freely admit that business performance will always be given a higher priority warned Ghosh. There is always a danger that if security ever affects performance, it will be switched off causing, even more, problems.
Invincea X is an invisible endpoint security agent using a 21st century cocktail of deep learning, behavioral monitoring, and innovation to remove any unseen threat before it hits the network. With sophisticated Ransomware attacks on the increase, these new capabilities offer high-tech protection without affecting performance in a lightweight agent.
The next challenge on the horizon will be protecting the mobile workforce from themselves. We need to bring the almost non-existent smartphone protection in line with the protection attributed to PC's and laptops.
Ghosh pointed out that most smartphone security strategies involve a simple find device, lock and erase philosophy. The time to start thinking proactively is right now rather than waiting for a data breach to arrive on our portable devices and then react.
It's refreshing to see a company thinking about this inevitable problem on the horizon. This school of thought is a massive step forward from the traditional waiting to see what happens and reacting after the damage has already been done..
I talk in-depth with Anup Ghosh on my podcast about the Invincea vision for the future. Educating employees and a combination of new digital tools such as deep learning, AI, and innovative thinking could offer the game changer we desperately need. Although right now, most of us would settle for a security product that is fit for purpose in this digital age.