According to recent reports, Brian Dye, senior vice-president for information security at Symantec is quoted as saying “antivirus software only catches 45% of malware attacks and is dead”.
At first glance, Dye’s comments seem to go against the guidance we have all received before. But Dye does offer some clarification; he goes on to make the point that many types of attack are beyond the reach of antivirus software, and that a holistic approach to cyber security is now needed.
So, how can you take a holistic approach to cyber and information security? The simple answer is through a combination of people, process and technology. Such a framework is offered in the International Standard ISO/IEC 27001.
If implementing a management system as described in ISO/IEC 27001 seems like overkill for your organisation, however, there are some simple technical steps you can take to improve the security of your organisation’s information.
One such solution is encryption software such as Symantec Drive Encryption. By encrypting the information on your organisation’s computers you can render it useless to cyber criminals.
Another solution that all organisations should be employing is antivirus software such as ESET Endpoint Antivirus. ESET Endpoint Antivirus protects computers from viruses and many types of malware. It is a key control that organisations need to implement as part of the UK Government’s new Cyber Essentials scheme.
Finally, a simple step you can take to improve your organisation’s security is password management using a solution such as Password Vault Manager to proactively generate and manage highly secure passwords and store them in a central location.
It’s simple steps like these that improve the security posture of your organisation.