Page 83 - Cyber Warnings
analysis software would detect “you aren’t supposed to do that”, and move the activity to a
sandbox for further testing before allowing it into production.
However, looking at behavior is difficult, because what is evil? Unfortunately, log analytics alone
cannot define and detect evil. We should look at both user and machine behavior for answers.
Many malware vendors are now on this quest. For example, MalwareBytes Labs advanced
threat research arm researches and investigates telemetry data from millions of installations,
and offers an advanced behavior-based detection engine. John Galda predicts that this approach
will be a good end game for threat detection and remediation, but getting there will probably be
painful.
In Conclusion
We may not have a 100% failsafe solution for ransomware attacks, but you can greatly reduce
the risk by educating your employees on security hygiene, religiously following best practices
such as backing up and testing restores, and building better relationships amongst members of
the C-suite for improved security and risk assessment and disaster recovery planning and
execution. To extend automated solutions further, we must embrace new technology that
shortens the time to recognize bad behavior as threats, and isolates those components for
successful remediation.
About The Author
Jonathan Leer, Director of Communication of Leer Technical
Communications, LLC. For the past 25+ years he has been providing technical
and business writing services to small-to-large businesses. Several are in the
security industry, including RSA and Bradford Networks. He has published
articles for Entrepreneur, Workforce Management, Sales Management, and
Training. Jon can be reached online at [email protected] and at
http://www.leertech.net.
About the Subject Matter Expert
John Galda, Director of Risk/Security at Charles River Development. An
expert in Risk Management, IT Governance, and Security Awareness, John
has 30+ years of experience in information technology at Fortune 500
companies such as General Electric, Liberty Mutual, United Technologies, and
Textron. John is a Certified Information Systems Security Professional (CISSP)
from ISC2, Certified Information Security Manager (CISM) from ISACA and is
also certified in ITL, LEAN Six Sigma and Project Management from George
Washington University. He has a Bachelor of Science in IT, has done graduate work at Harvard,
and has two Master's degrees, the most recent an MBA from Boston University.
83 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide