The threats evolve: how can a business stay safe?
The latest in the evolution of malware specifically targets the Telecom Sector and wreaks about as much havoc as you would expect in these interesting times in which we find ourselves. The problem is that modern malware is evolving and changing at such a rate, signature-based antivirus companies just cannot keep up.
The way that the old-school antivirus software works is that a threat is found (i.e. the first clients of the antivirus company get “hit” and become infected). The virus / malware is then analysed by the company and a file is created that tells the entire installation base for that antivirus product, all about that specific virus: these files are called virus signature files. The turnaround time for one of these signature files to be created can be considerable and depending upon which source you listen to, it can be between six hours and six weeks. Given that the shelf life for new malware can be shorter than this amount of time, it becomes apparent that relying solely upon your antivirus software is really not a good plan.
To recap, we have very advanced, ever changing malware which is being dealt with by old-school antivirus programs in a manner that brings the Russian Roulette scene from The Deer Hunter to mind. The situation is less than ideal and hopefully, will now force you to consider making some changes to how you look after your cyber-security. To quote Douglas Adams’ book, The Hitchhiker’s Guide to the Galaxy, DON’T PANIC!
There are two key areas for a business to address in order to survive the modern-day threats without relying upon the 20% antivirus / 80% luck mix. The first of these is a new kind of security software called Heimdal Security. This sits alongside your antivirus software, if you have a sentimental attachment to it, or replaces it if you have not.
Think of Heimdal Security as anti-hacker-ware: It keeps your PC’s software security patches up to date without troubling the users, it blocks known “bad” internet infrastructure and the rest of how it works might as well be magic as far as the average PC user is concerned. Suffice to say, it works and you should look into using it.
The second method is training. The old method of training was a real pain if I’m being honest: You get a trainer in and to make it worthwhile, you get them in for a couple of hours. You then try to get most of the staff into one place at the same time to be trained. The result? Bored staff that don’t take much in, expensive downtime from taking your staff away from their jobs and an expensive trainer to pay for. A classic lose – lose situation.
The new way is better on all counts: KnowBe4 provides online training, including tests to check that your staff have been paying attention. It is quick for your staff to do, it doesn’t cost much, and they can do it whenever they can fit it in. You get the results of who has completed the training and who has passed, from which you can see who needs more help. On top of this, you can create your own fake phishing campaigns and train / test your staff how to spot the real phishing emails! Most malware comes in via a phishing email, so this is valuable training to give to your employees.
Between these two methods, your business will be a lot safer than it was before!
For help and advice, and to be put in touch with a participating Brigantia partner, please email firstname.lastname@example.org or call Brigantia on 020 3358 0090.