Video: Zero Trust Endpoint Protection Q2

Please Rate this video:

Please select an option from 5 to 1
Why after 30 years, is malware still not contained and continues to pose a serious threat to even major organisations?


Let's just ask this next question, so why after 30 years is malware still not contained and continues to pose a serious threat to even major organizations.

So, Michael if you can start on this one?

Yeah this is a pretty huge question and it's sort of a piece of string here but the i'll give it my best shot here.

Essentially uh you know in my experience, malware authors in general uh you know just continue to hone their ability to you know wreak havoc in our networks and you know when you think about the fact that not much from that architectural mindset of how we create our IOT environments not much has changed in those 30 years it may be maybe the adoption of cloud and if anything we could definitely say that our it environs have become way more complex than they have ever been and so i think that there's actually kind of this this duality happening where malware authors you know aren't necessarily getting better at what they're doing but they're being able to exploit larger attack surfaces so for me it's about it's about the fact that our attack surfaces have just continued to expand and we've not really thought about ways to you know rethink how we're doing that and actually contain uh malware from having the sort of effect it can have.

All right Andrew..

Yeah I kind of add on again there Make that's I think not only is it kind of the game being played is obviously that the bad actors are diving away and producing you know more and more types of malware that can go undetected. Their goal is to spread obviously kind of indiscriminately in a lot of cases but in many others target specific industries in specific areas that perhaps are influx or you know have particular sensitive data that they're after and i think that that game of kind of trying to prevent the bad guys from getting in is is still pretty prevalent in a lot of the mindsets and the way that we've kind of invested in security and that that gives rise to this and but i think the other thing is that the accessibility of this is becoming more and more as well as Mike said more and more is out there we've got more and more distributed compute micro services different environments, lots of interconnected more atomic things that are therefore more susceptible to attack and the attack surface is bigger but you can also go onto the dark web and kind of lease a malware or ransomware as a service right so it's even more accessible for anybody you don't have to create thing in the first place you can really get your hands on it and just kind of push the go button and target either an industry or a nation or even a specific  company so i think real threat obviously the data that we hold the sensitivity of that always rises the places where we have that the way that we're accessing that is forever growing um and the opportunity that bad actors have and want to have is obviously more and more kind of uh uh incentive and more and more attractive to them as well all right okay great any views.

Yeah I totally agree with the last two. Everything is just getting far more developed but as well as that it's getting much more standardized um and the development is not onlyon the good side but also the bad side and some one of the big things with the bad side is they're getting much better at targeting people as much more information is search so much more easily available uh and so they're getting much more clever at targeting say a specific administrator in an organization who might be able to update group policies or they might be able to target particular details about the CFO those sort of things didn't happen 30 years ago. Everything was much more written down on paper as well as that there's there also the reliance on computers that wasn't there 30 years ago there was much more bits of paper so nowadays there's so much more automation that's to be able to exploit that they can then take over something in its entirety rather than uh rely on a manual stop gap in the middle um so it's a real technology race between uh the us trying to defend ourselves and the bad guys trying to stop us um and so when an exploit comes out and also because the internet is so uh standardized now we've got similar ways of communicating we don't say oh what protocol are you going to use or what this or what that there are all these internet standards which makes everything so much cheaper to produce but on the flip side it also makes the bad things cheaper to produce as well so we have to make sure everything is really patched up and so if you have a container that says this is how i'm going to transfer a file we have to make sure everything in that packet is really patched up and secured down and locked to do just what it's supposed to do and that harks back to the zero trust and to do that the other reason why that they it might still be uh continuing to pose a threat is because people see that if there's nothing going wrong well it must be good enough and so why spend more money on it and it's often a very hard lesson when they see themselves or a close competitor or something that's uh compromised with a ransomware attack or  something and there's this sudden oh crap moment where you think we do need to spend more money uh and so it can be expensive or resource intensive if someone's job it is to protect to keep the walls up uh and then say oh but the walls are obviously working so why don't you go and do this project and say to take people away from the core task of  defence is opens up holes or leaves holes open.