If you’re old enough to remember when all music came on vinyl records, then you also will remember the skips, pops and unplayable quality of the thin, cheap LPs of the 1970s and 80s that probably did as much as the laser to drive the takeover of the music industry by the compact disc.
Those of us who still expect to hear a skip in a favorite old song, even when it’s playing on our iPods in pristine digital form will be all too familiar with the concept of a “broken record.” That phrase, in a totally new context, keeps running through my mind as I read about one organization after another that has been breached by a cyberattack.
Time magazine summed it up: “Cyber criminals and spies are breaking into companies and government agencies on a daily basis.”
Major media outlets, the U.S. Department of Energy, the Federal Reserve System and an Arizona grocery store chain are just some of the most recent victims of cyberattacks. Many of the attacks have been blamed on a nation-state, i.e., China, or a hacktivist group, i.e., Anonymous. But that’s not all these breaches have in common. These and so many other cyberattack victims rely on something other than a trust-based security solution to protect them against advanced threats, including targeted malware and zero-day attacks. And guess what, the antivirus and other traditional security solutions these entities hoped would protect their endpoints, servers and the data on them failed. Miserably.
Even Symantec, the leading antivirus-software maker, admitted after one high-profile attack that “Anti-virus software alone is not enough.” Well put. I couldn’t have said it better myself. Cyberthreats are serious business, and the cyber security efforts to defend against them are even more serious business. Enterprises, government departments and other organizations collectively spend billions of dollars annually on security “solutions” that are just “not enough.”
The hackers and cybercriminals are getting smarter and bolder with each passing day. The time is now for any business that wants to protect itself and its information against the bad guys to stop relying on old-fashioned weapons to fight this modern war. The real solution to the epidemic of cyberattacks is elegant in its simplicity: deploy a trust-based security solution with policy-driven application control and whitelisting. Then, only the software you trust will be able to execute on your systems. Everything else? Stopped. In. Its. Tracks.
What is it going to take for the world to heed the wisdom of Albert Einstein who (allegedly) said: “Insanity is doing the same thing over and over again and expecting different results.” Expecting antivirus to stop today’s (and tomorrow’s) advanced threats, when you could deploy a trust-based solution that can actually do that? Insanity!