Polymorphic malware is an increasingly prevalent cyber threat which simply cannot be countered by traditional signature-based security measures. Instead, strategic investment in behavioural-based security measures, combined with employee education and regular software updates, can be used to create a robust, multi-layered approach that's far more effective in today's cyber security climate. Below are three key areas where security efforts should be focussed:
-
Consistent cyber security training
A large number of successful cyber-attacks start with an employee unwittingly clicking on a phishing email or malicious file attachment. Consistent employee training helps educate employee on tell-tale signs of attempted attacks, which in turn can significantly reduce the number of breaches that allow polymorphic malware in to begin with.
-
Invest in behaviour-based detection tools
Polymorphic malware is specifically designed to evade detection by traditional antivirus tools. As such, investments in this area can be largely futile and a waste of money. Instead, organisations should focus on more advanced, behaviour-based detection techniques. These methods offer the ability to track the way data is accessed and used by employees over time, with any suspicious activity automatically flagged. Behaviour-based solutions, like endpoint detection and response or advanced threat protection, can also pinpoint threats in real time before any data is compromised.
-
Ensure software is always kept up to date
Perhaps the most straightforward way of improving security against malware is ensuring that software and applications used within the organisation are always kept up to date. Major software vendors, such as Microsoft, Apple and Oracle, regularly issue crucial security patches for new vulnerabilities discovered within their software. Failure to install these promptly creates breach windows that are open to exploitation from anyone with knowledge of the vulnerabilities. Despite this, it can often be days, weeks or even months before these patches are installed, creating unnecessary risk. All organisations, no matter how big or small, must adopt a 'patch early, patch often' mantra.
Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.
More articles by James
Cyber Pulse: Edition 105
Read the latest edition of Cyber Pulse, our round-up of cyber news.
16 March 2020Cyber Pulse: Edition 104
Read the latest edition of Cyber Pulse, our round-up of cyber news.
09 March 2020Cyber Pulse: Edition 103
Read the latest edition of Cyber Pulse, our roundup of cyber news.
02 March 2020Cyber Pulse: Edition 102
Read the latest edition of Cyber Pulse, our roundup of cyber news.
24 February 2020Cyber Pulse: Edition 101
Read the latest edition of Cyber Pulse, our roundup of cyber news.
17 February 20204 things you need to know about cyber security in 2020
Cybersecurity researcher James Aguilan predicts four areas that will shape the future of cybersecurity in the decade ahead.
22 January 2020How does Ransomware-as-a-Service work?
Cyber security Researcher, James Aguilan looks at how ransomware-as-a-service works, and how organisations can protect themse…
07 August 2019Phishing Campaigns: Defending organisations against phishing
QA Cyber Security Trainer, James Aguilan, argues that understanding how to defend against phishing is of paramount importance…
15 February 2018Is Mr Robot a good representation of real-life hacking and hacking culture?
QA Cybersecurity trainer James Aguilan looks at several scenarios featured in the hit US TV series Mr Robot – and how they ma…
19 February 2018Safeguarding your Digital Footprint
QA Cyber Security Trainer, James Aguilan, shares 6 tips that can help you safeguard your digital footprint.
05 March 2018