Cyber Security training from QA

How to build an effective cyber defence against polymorphic malware

QA Cyber Security Trainer, James Aguilan, lists three key areas where security efforts should be focussed to counter polymorphic malware.

James Aguilan | 11 October 2018

Polymorphic malware is an increasingly prevalent cyber threat which simply cannot be countered by traditional signature-based security measures. Instead, strategic investment in behavioural-based security measures, combined with employee education and regular software updates, can be used to create a robust, multi-layered approach that's far more effective in today's cyber security climate. Below are three key areas where security efforts should be focussed:


  1. Consistent cyber security training

    A large number of successful cyber-attacks start with an employee unwittingly clicking on a phishing email or malicious file attachment. Consistent training helps educate employees on the tell-tale signs of attempted attacks, which in turn can significantly reduce the number of breaches that allow polymorphic malware in to begin with.

  2. Invest in behaviour-based detection tools

    Polymorphic malware is specifically designed to evade detection by traditional antivirus tools. As such, investments in this area can be largely futile and a waste of money. Instead, organisations should focus on more advanced, behaviour-based detection techniques. These methods offer the ability to track the way data is accessed and used by employees over time, with any suspicious activity automatically flagged. Behaviour-based solutions, like endpoint detection and response or advanced threat protection, can also pinpoint threats in real time before any data is compromised.

  3. Ensure software is always kept up to date

    Perhaps the most straightforward way of improving security against malware is ensuring that software and applications used within the organisation are always kept up to date. Major software vendors, such as Microsoft, Apple and Oracle, regularly issue crucial security patches for new vulnerabilities discovered within their software. Failure to install these promptly creates breach windows that are open to exploitation from anyone with knowledge of the vulnerabilities. Despite this, it can often be days, weeks or even months before these patches are installed, creating unnecessary risk. All organisations, no matter how big or small, must adopt a 'patch early, patch often' mantra.
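
The contrast drawn in the introduction and in point 2, as an added example that is not part of the original article: a hash-based signature check misses a re-encoded variant of a known sample, while a rule that scores observed behaviour flags both. The byte strings, behaviour labels, weights and threshold are constructed for illustration.

```python
import hashlib

# Constructed byte strings standing in for executable files (not real samples).
KNOWN_SAMPLE = b"decoder-v1:" + b"same-logic"
VARIANT = b"decoder-v2:" + b"same-logic"   # same behaviour, different bytes
BENIGN = b"backup-agent"

# A signature database only contains hashes of samples already seen.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Hypothetical behaviour weights and alert threshold (assumptions).
WEIGHTS = {
    "launched_from_email_attachment": 3,
    "bulk_file_rewrite": 4,
    "deletes_backups": 4,
    "reads_many_files": 1,
}
THRESHOLD = 6

SUSPICIOUS = ["launched_from_email_attachment", "bulk_file_rewrite", "deletes_backups"]
# Constructed endpoint telemetry: (process, file bytes, observed behaviours).
EVENTS = [
    ("invoice.exe", KNOWN_SAMPLE, SUSPICIOUS),
    ("invoice2.exe", VARIANT, SUSPICIOUS),
    ("backup.exe", BENIGN, ["reads_many_files"]),
]

def signature_match(data: bytes) -> bool:
    """Traditional check: exact hash lookup of the file contents."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES

def behaviour_score(actions) -> int:
    """Sum the weights of observed behaviours; unknown labels score 0."""
    return sum(WEIGHTS.get(a, 0) for a in actions)

def triage(events):
    """Return (process, signature_hit, behaviour_hit) for each event."""
    return [(name, signature_match(data), behaviour_score(actions) >= THRESHOLD)
            for name, data, actions in events]

if __name__ == "__main__":
    for name, sig, beh in triage(EVENTS):
        print(f"{name:13} signature={sig!s:5} behaviour={beh}")
```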


Visit for more information on how they can help solve the Cyber Security skills gap.


James Aguilan

Cyber Security Specialist

James Aguilan currently works as a Cybersecurity Researcher. He has provided upskilling and development to government agencies, national critical infrastructures and large corporations through the simulation of cyber-attacks and forensic investigation workshops. In the past, James worked as a Data Consultant, where he advised high-profile clients on how to handle their data in a civil litigation or criminal investigation. Notably, this includes the largest merger between two US powerhouse conglomerates, a deal worth $87 billion. He has also served as a Cybersecurity Consultant, where he responded to incidents and performed full forensic investigations. James holds a first-class honours degree in Computer Forensics and is actively working towards a Masters in Network Security and Penetration Testing.