FireEye has this month published a follow-up report to last year’s Cybersecurity’s Maginot Line: A Real-World Assessment of the Defense-in-Depth Model, a study that examined data from more than 1,200 security deployments in 63 countries.
The new report found that “attacks are getting through multiple layers of conventional defense-in-depth tools in the vast majority of deployments.”
Maginot Revisited: More Real-World Results from Real-World Threats compares newly gathered data to the original report’s findings. The legal sector saw a 100% increase in advanced malware attacks. In all sectors, “96 percent of systems were breached on average. And 27 percent of those breaches involved advanced malware.”
“Given the widespread failings of conventional security deployments, organizations must consider a new approach to securing their IT assets.
“They need to move away from passive, poorly integrated defenses that provide a fragmented view of threats and cannot connect the dots during advanced attacks. They need a tightly integrated, nimble architecture that enables big-picture vigilance.”
Fighting malware depends on an integrated approach to information security. Not only do organisations need to ensure staff are adequately trained to recognise phishing attacks and other malware threats, they need the technological ability to rebuff attacks, and the processes in place to ensure that their security posture remains up to the task.
IT Governance ISO 27001 packaged solutions – The Basics
Internationally recognised information security for less than £350
Organisations that are concerned about the threat of malware are advised to employ a best-practice solution to information security. ISO 27001, the international information security standard, sets out the requirements of an enterprise-wide information security management system, a holistic approach to information security that encompasses people, processes and technology.
IT Governance’s recently relaunched ISO 27001 packaged solutions provide ISMS implementation resources for all organisations concerned about information security. The ISO 27001 Basics Package is aimed at organisations that have substantial management systems expertise and an understanding of information security management, as well as the necessary internal resources and a corporate culture of keeping external costs down by following a do-it-yourself approach to project management.
January offer: order the ISO 27001 Basics Package through our website in January and receive a 10% discount.