Can the Past Come Back to Haunt You?

Nir Gaist, Founder & CTO, Nyotron

It’s easy for those of us in the cybersecurity industry to focus our collective attention on what’s new. Unknown malware attacks make headlines worldwide, and vendors unveil their “next-gen” technologies to battle those threats at events like RSA. But two new research reports warn us not to overlook older, known threats, or deploy technologies like Endpoint Detection and Response (EDR) without first doing some due diligence.

Older, But Still Dangerous

Nyotron’s own Research Team recently conducted a comprehensive study of AV efficacy against known malware. They tested almost 60,000 known malware samples dating back to as early as 1988, along with malware from the past 18 months, against AV products from three major, well-respected vendors. The top-line findings are alarming:

  • Efficacy against known malware – between 72.2% and 99.9%
  • Efficacy against modified known malware (single byte change) – between 59.5% and 88.9%
  • Efficacy against known malware when not connected to the Internet – between 33.8% and 80.7%

For a deep dive into our testing methodology and findings, download the white paper The Illusive 99.9%: Study of the efficacy of modern antivirus products against known malware here.

Education Before Implementation
The market for EDR solutions is growing at a rapid pace, from $238 million in 2015 to $1.54 billion in 2020, and Osterman Research set out to determine why. The firm surveyed security professionals and found many have implemented EDR, or plan to. But Osterman Founder Michael Osterman worries many are fast-tracking EDR implementation without fully understanding how these solutions work or their potential impacts – both positive and negative – on security staff and their end-users.

For instance, the finding that more than half of the respondents expect to reduce the burden on their security staff sends up a red flag. Typically, the opposite is true, because security teams will have to devote some level of effort to understanding and analyzing the volumes of data an EDR solution provides every day.

My colleague Rene Kolga recently co-hosted a live webinar with Osterman to review the report’s key findings, discuss how to evaluate the role an EDR solution can play in an organization’s security stack, and cover what questions to ask any EDR vendor before making a purchase. Check out Rene’s recent blog post for more details, and download the full Osterman report here.

INDUSTRY SPOTLIGHT: Healthcare

Printing Industries Association, Inc. of Southern California (PIASC) is a trade association for commercial printing and graphic arts professionals. It administers the Printing Industries Benefit Trust, which provides healthcare benefits to over 1,000 member companies and their 21,000 employees and dependents. PIASC President and CEO Lou Caron explains why the organization implemented Nyotron PARANOID to secure critical data and systems, improve system performance for all users, reduce the burden on the IT staff, and demonstrate compliance with HIPAA requirements governing the security of the protected health information (PHI).

Newsletter - Q2 2019