Page 76 - Cyber Defense eMagazine - September 2017

security products are focused on monitoring run-time activity of applications, mapping correct application behavior and taking immediate action if the application goes off the rails.

Applications should be predictable. Whether it’s a legacy, purpose-built app, or a modern interconnected system, the path an application takes follows predetermined programming. A good analogy is a Google map: if you are driving from Los Angeles to San Francisco, there are only a few acceptable, predetermined routes. If you start heading for Las Vegas, or Mexico, something is seriously wrong, and your car has likely been hijacked.

This deterministic process has the advantage of limiting the scope of security, and focusing on what matters – the application and associated data. It also accepts the fact that many applications won’t be patched with the latest security updates, and need to be protected as is. According to a white paper from security vendor Virsec, “this approach differs from legacy security solutions by focusing on application execution integrity – ensuring they run as designed by their original coding.”

Regardless of the specific approach, it’s clear that cyber security needs to be pragmatic to be effective. The current over-dependency on patching as the security panacea will continue to fail, because it ignores the challenges that legitimately hinder timely updates to legacy systems. Until we can shift to a new mindset and secure applications as they really exist, the hackers will continue to stay ahead, find holes and wreak havoc.



About the Author

Willy Leichter, Vice President of Marketing, Virsec. Willy Leichter has over twenty years of experience helping global enterprises meet emerging cyber security and compliance challenges.

With extensive experience in multiple IT domains including threat prevention, cloud security, global data privacy laws, data loss prevention, and email security, he is a frequent speaker at industry events and author on IT security and compliance issues, including the Global Guide to Data Protection Laws.

A graduate of Stanford University, he has held leadership positions in the US and Europe, at CipherCloud, Axway, Websense, Tumbleweed Communications, and Secure Computing (now McAfee/Intel).



                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.