Move beyond endpoint detection and response: stop the breaches by implementing layered hybrid security
Dealing with today’s cyber threats requires a fundamentally different approach: one that is multilayered and uses both negative and positive security controls.
A Negative Security control tries to identify what is “bad” and allows everything else.
A Positive Security control defines what is “good” and blocks everything else.
Why is security failing?
Most organizations have security controls in place, such as antivirus, next-generation antivirus, host intrusion prevention and data loss prevention, which use a NEGATIVE security model.
Unfortunately, negative security comes up short against the constantly evolving tactics of cyber-criminals. Security that focuses solely on detecting bad will continue to face the consequences of compromise. Detecting bad is the first line of defense, but it shouldn’t be the only strategy. Positive security, on the other hand, offers a much higher level of security because it only allows what we know is good.
Change the approach
Detection alone is failing as a strategy. The attack vectors are infinite and constantly evolving, and keeping up with them is a losing battle. Doing the same thing over and over again is not going to change the outcome.
Positive Security models use whitelisting; they are too complex and time-consuming to manage and are not really suitable for today’s dynamic environments, where there is a lot of change. For these reasons, most organizations have avoided the Positive Security model to protect their assets.
We at Cyfyx believe that you need a layered approach to better protect your endpoints. In addition to the Negative Security model that most organizations use, we recommend that you implement a Positive Security model alongside it, but one that uses a zero-trust framework and does not require heavy lifting.
A better approach
We have to come to grips with the world we live in. Compromise is inevitable, but the consequences don’t have to be.
Endpoint Detection and Response (EDR) has been a huge tool for endpoint protection, but when it relies on an extensive security team to use it, it can be a lot for a business to handle.
A better approach is to implement a multilayered strategy whose layers share the same goal, preventing a security breach, but use opposing methods. The negative security layer identifies what is known to be bad, or tries to identify what could be bad using big data and machine learning. If something new that cannot be identified does get through, the positive security model takes over and blocks the unknown from executing.