Organizations around the world are leveraging technology to enable a mobile workforce, but that gives rise to data security concerns. Employees can work in and out of the office using any device and leveraging cloud applications for greater access. Yet, without the traditional VPN in place, there is a gap in protection that typically is provided by the corporate network. Market vendors claim to block 99 percent of threats, leaving the last one percent open to attack.
Today’s sophisticated hackers use fileless malware and ransomware designed to circumvent traditional preventative tools aimed at remote connectivity. Cisco’s AMP for Endpoints neutralizes the last one percent of threats by syncing network and endpoint data to share information. Once a virus is seen, it can be blocked throughout the entire network and endpoints.
“Securing the endpoint is as critical as the network, and one needs to inform the other to eliminate blind spots. This means sharing information that is seen at the network with the same knowledge base that the endpoint is using,” said Jeff Reed, Senior Vice President of Product for Cisco’s Security Business, in his blog on cyber threats.
The last one percent of threats can be stopped, according to Reed, by leveraging the new capabilities for AMP for Endpoints and following these best practices:
- Prevent fileless malware: There has been a significant rise in malware going fileless. This malware frequently comes in the form of in-memory attacks or web-browser injections, which are difficult to catch because there is no file to inspect.
- Stop ransomware: This is one of the biggest threats to users and devices. While there is no silver bullet for stopping ransomware, continuous monitoring is needed to ensure that malicious activities are prevented before a hacker attempts to encrypt your systems.
- Discover unknown threats: One of the biggest challenges for organizations is being able to find the needle in the haystack after they have received information about a threat. Having a standalone threat hunting tool is typically costly, and most lack integration with the rest of the security stack. Visibility allows users to rapidly search across their entire environment with just a single breadcrumb, such as an IP address, domain, or hash, and will connect all the dots between these points.