Breach Prevention Blog

Editor's Note: This is a guest blog from IT Central Station.

Brian Wagner, the senior network engineer at Wilson County Schools in North Carolina, needed a threat prevention solution that would help improve his overall endpoint protection process while also supporting his existing security solutions. In particular, he wanted more protection than he could get with Microsoft Windows Defender, which is included in his Windows systems.

Cybersecurity spending is something of a corporate paradox. Ultimately, the discipline of cybersecurity is about risk reduction. You purchase an endpoint protection platform and other security tools--network firewalls, data loss prevention, etc.--to reduce the risk of an attack compromising your systems.

When it comes to cybersecurity, more investment doesn't necessarily mean more protection. Even though the cybersecurity market grew by over 10 percent annually before 2020, last year still saw a record amount of damage done by data breaches. While the threat landscape has undoubtedly evolved in recent years, the array of defense solutions available to organizations has multiplied too.

Microsoft Defender Antivirus suffers from a perception problem. For the first decade of its existence, starting with its 2006 release, Defender was a much-maligned piece of software that no business would use to protect its endpoints. That’s no longer the case. Defender has today evolved into a competent and competitive endpoint security platform backed by one of the world’s largest companies. This improvement didn’t happen by accident. 

Every week, the Morphisec team works hard to bring you the top stories from around the security media-sphere to make your job and securing your critical infrastructure easier.

In today’s weekly edition of Security News in Review, you’ll find news from Microsoft about keeping your defenses up despite Emotet’s disruption, a new Google Chrome 0-day that affects Windows and Mac users, and reporting about a ransomware attack on utility company Electrobras. 

For the first two decades of the internet age, from the early 1990s to the 2010s, high-quality antivirus software that blocked the most malware came at an appropriate premium. After all, the endpoint was—and still is—of the primary attack vectors for cyber threats, so it stands to reason that antivirus could charge a premium to secure your endpoint. 

It’s not hard to understand the concept of proactive cyber defense: acting in anticipation of an attack against a computer or network. The goal is getting in front of attacks by evading, outwitting, or neutralizing them early instead of waiting for the damage to start like reactive cyber defenses.

It’s also not hard to understand the benefits of being proactive: preventing the negative effects of cyber attacks instead of trying to minimize the damage. The only thing hard to understand is why every company doesn’t practice proactive cyber defense already?

Defending your critical infrastructure against cyber threats has never been harder. Adversaries constantly innovate new techniques to exfiltrate or encrypt data, forcing defenders to play a cybersecurity version of “whack-a-mole” in their attempts to ameliorate any possible damage.

The economic impact of a successful breach is one of the easiest to quantify. It’s also increasing constantly, with analysts predicting the cost of cybercrime globally will exceed $6 trillion annually by 2021, a 100% increase from 2015. Much of this cybercrime is perpetrated on or through the endpoint, with an end goal typically of either data exfiltration or encrypting the data and charging a ransom (often it’s both).

The term “new normal” means different things to different people. For some, the term is synonymous with a return to the office (just with a few tweaks), while others think that co-located teams are gone for good. The reality is probably somewhere in between. Household names like Google and Facebook are planning for a future where most of their employees work remotely most of the time. And where big tech goes, other organizations tend to follow.