we want to hear from you >
Yesterday we announced a revolutionary new weapon for those looking to combat today’s most pressing and urgent security issues, while still taking full advantage of all that the internet has to offer.
Let’s face it: Zeus, Stuxnet, Aurora, and WikiLeaks prove that legacy security products are totally ineffective against modern threats. This is a wakeup call for the security industry.
Consider these facts from a recent Miercom test:
Blue Coat is only 18.9 % effective at blocking modern malware threats, Cisco is only 12.8% effective. Blue Coat is only 29.4% effective at blocking dynamic content on the social Web. McAfee is only 19.8% effective.
And our own research shows that 20 percent of daily email threats are undetected by AV, UTMs, firewalls, and proxies. This is a failure of the security industry in general, and it cannot be solved with the latest DAT file.
In the meantime, while the rest of the industry is talking about concepts down the road, the real security paradigm shift occurred yesterday.
So in my previous two posts,, we talked a little about the ramifications and risks that this incident has brought to light within your business. Now I’d like to speak on a practical level, things you can do to prevent just this sort of thing from happening to you.
It may come as a surprise to some that legacy controls aren't enough. And, as this incident showed, it's not just email that data is being lost through: the Web is four times more likely, and USB is a large vector too. However, a myopic approach to solving the problem can be dangerous. Shutting down access - a natural, gut reaction - will only create more obstacles and impede an organizations ability to operate at their peak capacity.
Another day and WikiLeaks is still top of mind. As a follow-up to yesterday’s blog post, the following is an excerpt from the WikiLeaks/Forbes Q&A interview:
Reporter: So do you have very high impact corporate stuff to release then?
Julian Assange: Yes, but maybe not as high impact…I mean, it could take down a bank or two.
Reporter: That sounds like high impact.
Julian Assange: But not as big an impact as the history of a whole war. But it depends on how you measure these things.
In this way Mr. Assange is correct, it depends on how you measure these things. To me, “taking down a bank or two” seems mammoth and potentially damaging to an already tenuous global economy. And if leaking documents can “take down” a multibillion dollar financial institution, what could the potential ramification for your business be?
It’s impossible to ignore the fallout of the most recent WikiLeaks release of classified U.S. Diplomatic cables. This week the group released a massive cache of more than 250,000 confidential documents. According to WikiLeaks, it’s the largest ever to be released publicly.
putting the issue of the morality and the legality of the leak aside, there were a number of revelations the security industry took note of, including:
- allegations that China's Poliburo ordered the famed Aurora attack on Google and other companies
- and that the leak caused the state department to rethink its data security policies, limiting access of writable USB and CD-ROMs in certain environments.
The impact to national security and U.S. diplomacy is potentially disastrous. But equally startling was the revelation that WikiLeaks servers contain confidential and material items from private business. First revealed in a Forbes cover story, WikiLeaks will soon publish tens of thousands of confidential documents from a major U.S. financial institution.