Why a Prevention-First Mindset Has Made a Comeback in Cybersecurity

Posted by Yuda Saydun on Jul 15, 2019

Advanced persistent threats (APTs) are a significant cybersecurity concern for the modern-day enterprise. Once inside the perimeter, APTs either expand quickly, causing the loss of data, interruptions to operations, and more, or stay dormant for long periods of time.

These threats require an answer, one that detection-based tools are failing to provide. New solutions, however, are making it possible to prevent cyber threats in real-time, before they can execute or access and hide in wait on a company’s network.

Sealing the Perimeter by Focusing on Prevention

Emerging technologies have finally outstripped the capabilities of detection-based tools, and prevention is now making a comeback in cybersecurity. The most significant advance is the advent of deep learning, a form of artificial intelligence that is being deployed to successfully detect never-before-seen malware, zero-day, ransomware, and APT attacks.

Deep Instinct, a CyVent partner, is leading the charge, making it possible to pre-empt attacks before they execute rather than trying to hunt, identify, analyze, recover and remediate. As a result, prevention has immediate payback and ROI, eliminating post-breach wheel spinning and false alerts that are holding security teams back.

Already, Deep Instinct’s solution has proven capable of stopping known and unknown threats in “zero-time.” In a Threat Prevention Evaluation Report from SE Labs, Deep Instinct achieved an industry-first 100% prevention rate and zero false-positives.

Cyber Security Prevention: Why Detection Alone Is Not Enough

Detection-based tools, on their own, simply can’t provide the level of security needed to keep an organization secure. On average, most threats go undetected for upward of 100 days. Because detection-based tools rely on signatures, threats that have yet to be seen readily slip through traditional defenses. A staggering 360,000 new malicious files are detected every day. Breaches will remain a daily occurrence until cybersecurity tools are able to block new threats as quickly as they evolve.

Security professionals also realize that, besides the fear of a major security incident, predicting threats based on machine learning, heuristics, or file reputation provides less-than-perfect accuracy. Security teams are facing a huge volume of false alerts, more than they can realistically manage. The cost of chasing alerts, the reality of overstretched security teams, and the cybersecurity talent gap are all factors causing security professionals to rethink the balance between detection and prevention.

Preparing for the Next Era of Cyber Threats

Threats that lurk on networks, sometimes for months at a time, are a grave danger that needs addressing. Recent tales of the TRITON malware framework show just how deadly APTs can be, and even the United States power grid is not immune. The question for security teams is how to prevent threats from ever entering a network in the first place. Many are starting to look to a prevention-first strategy that can enhance security for the current threat landscape. With the era of AI versus AI in cybersecurity fast approaching, it’s security tools like Deep Instinct’s that are the way of the future.

Prevention, however, does not replace detection and response. As with most areas, balance is necessary. Organizations can supplement existing defenses with deep learning technology to prevent attacks with high accuracy before they can cause harm. The reduction in costs and time for an IT team is worth the investment.

Learn more about building a cybersecurity prevention strategy in the white paper Reinventing Cybersecurity Prevention with Deep Learning from Deep Instinct.

How Deep Learning for Cybersecurity Is Freeing CISOs to Prepare for What's Next

Posted by Yuda Saydun on May 22, 2019

Companies are constantly playing defense against the latest vulnerabilities and cyber threats. New malware variants appear by the second, and tried-and-true attack methods, like phishing and social engineering attacks, remain pervasive.

CISOs, board members, and the general public are well aware of the dangerous cyber landscape. Yet in the past two years, 60% of businesses have experienced a serious security breach – 31% more than once – according to a recent survey. Advanced persistent threats keep security teams spinning their wheels, trying to hunt, identify, analyze, and remediate in a never-ending cycle. Existing tools based on signatures, heuristics, and reputation tracking are overwhelmed by the sheer volume and the ability of attackers to evolve and bypass defenses.

It’s time for security teams to take another look at prevention vs. remediation, taking advantage of emerging security tools to block attacks before they get downloaded and detonate. Thanks to recent advances in deep learning technology, CISOs can go beyond the prevailing “remediation-first” mindset and achieve the coveted ideal of preventing attacks with near 100% certainty. It may sound like hyperbole, but the technology has been tested and proven and is reimagining cybersecurity for the better.

Where Detection Falls Short, Prevention Enhances Cyber Defenses

By preventing threats, CISOs gain a significant opportunity to reduce wheel spinning and increase the ROI of the business, securing the company’s future while also protecting customers and their data.

Advances in deep learning technology are freeing CISOs from the flood of real breaches and false positives and providing a way to protect the entire attack surface. Deep learning tools are able to block known and unknown threats within milliseconds, before they can download and write to disk. Recently, independent evaluator SE Labs pitted security provider Deep Instinct’s deep learning solution against a range of high-profile, known malware campaigns and a selection of unknown targeted attacks. The results were eye-opening.

Deep Instinct’s D-Client faced up against malware from well-publicized breaches, fileless targeted attacks, exploits targeted at Microsoft file format vulnerabilities, targeted shellcode injection attacks, and more.

Each threat was successfully prevented pre-execution with no other processes running — resulting in an industry-first 100% prevention rate and zero false-positives. Attackers have learned how to adapt to get past security tools, but now deep learning can act even faster, making zero-time prevention fact rather than a hoped-for reality.

Putting CISOs in Full Control of the Security Environment

By adding a deep learning driven pre-emption layer to their environment, CISOs can go beyond sandboxes and signatures to enable threat prevention that hackers cannot evade. Adopting security tools that can detect threats before they execute is also a great enabler of digital transformation. Companies will inevitably need to offer customers more digital products and services and keep sensitive data under lock. The result is increased ROI for the IT department and the company as a whole.

When security teams can rely on a tool that can anticipate, identify, and pre-empt threats with confidence, they can shift energy away from remediation and focus on being strategic enablers of business growth. Deep learning driven cyber security can enable zero-time prevention and put CISOs in control — blocking attacks, eliminating false positives and bringing relief from known and unknown threats.

Learn more about Deep Instinct’s solution and how it stood up against known and unknown threats in testing by SE Labs. Get the report here.