A Major Message of RSA

According to one of the world’s largest cyber security conferences, RSA, there is no way to reliably stop future cyber attacks. This sounds rather dismal. Yet, depending on the security approach being deployed, it may be entirely accurate.

In order to effectively stop future cyber attacks, there are proactive approaches businesses of all shapes and sizes must consider when evaluating their cyber security solutions.

Application Whitelisting

The use of application whitelisting as an organization’s primary means of malware detection will effectively thwart malicious files from being able to run on endpoints and servers. Unfortunately, application whitelisting does come with a few negative connotations. First, the risk of false positives, or the software misclassifying a safe program as potentially malicious. Second, the misconception that application whitelisting requires an increase in backend work from the IT professionals or admin team. This could be true, depending on the security solution. However, this is why it’s critical when deploying an application whitelist, users find a solution that uses an automated global whitelist. Therefore, the creation, maintenance and testing does not fall on the shoulders of the organization’s IT team.

Malicious Script Blocking

Other major messages from RSA were certainly correct. For instance, cyber criminals are finding more and more ways to exploit systems to install malware. One of these ways is by bypassing executable files and targeting scripting agents like PowerShell and WScript. Unfortunately, few security solutions are doing anything about this. Finding a security program that effectively blocks malicious scripting attacks has been, and will continue to be critical.

Protecting RDP Ports

In addition to exploiting scripting agents, hackers are also targeting remote access ports. Why? Because these ports are often left enabled leaving an easy access point for hackers to brute force their way in. Users must conduct an audit of these open ports, evaluate if they need to remain enabled and establish proper controls if they cannot be disabled.

Some security solutions will help with this audit process, as well as the deployment of controls to minimize risk of intrusion. But not all.

Conclusion

Although there has been an overall theory that one cannot fully protect from what the future of cyber security may hold, there are appropriate steps IT professionals can take to effectively thwart modern cyber security attacks. With the use of application whitelisting, malicious script blocking, and proper controls to thwart brute force attacks through RDP ports, businesses will be highly secured from modern threats. However, to stay secure, the organization’s security solution but also be advancing and evolving with the latest cyber threats. Therefore, it is important users find a security solution vendor that is innovative and displays a strong proactive mission to malware detection.