- Community Home
- >
- Partner Solutions and Certifications
- >
- Alliances
- >
- More malicious than ever: Preparing for today’s an...
-
- Forums
-
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Middle East
- HPE Blog, Russia
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
-
Blogs
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Blog, Latin America
- HPE Blog, Middle East
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
-
Information
- Community
- Welcome
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Tips and Tricks
- Resources
- Announcements
- Email us
- Feedback
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Blogs
-
Information
-
English
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Email to a Friend
- Printer Friendly Page
- Report Inappropriate Content
More malicious than ever: Preparing for today’s and next-generation malware attacks
By Martin Zich
Malware is a shortened version of “malicious software.” And we are just now finding out how malicious that “ware” can be. Not that we have not faced malware threats in the past. But the malware we are staring to seeing today … and the threats we anticipate seeing in the future … give a new meaning to maliciousness and destructiveness.
Upping the threat level
Today’s malware uses various techniques to defend against detection like using polymorphic files, encryption, sandbox awareness during detection and more. But even bigger problem is the number of new types of malware being created. That’s because it is now really easy to create a custom malware. Even a person with average IT skills can do it. We will also be dealing with a huge amount of simple “one-purpose” malware which may not be so advanced, but simply takes advantage of already known weaknesses. The sophistication of infection, hiding and pivoting techniques will probably still keep rising.
Note that the widespread adoption of cloud and also hybrid environments further complicates the situation. By adopting those solutions the companies need to count with giving up some of their control and visibility as well. Suddenly your information are not only at your server but also somewhere in cloud so you may need to adopt specific techniques/controls to mitigate the risk of their leakage or integrity. Critical information could travel across public networks. You may be sharing physical infrastructure with other companies of all types and locations.
So how does an enterprise deal with these growing threats?
Aligning the response
The best way to make a bad situation better is to adopt adequate machine learning defense, based on experience made by other similar organization and users in the cyber-world. Cyber professionals will focus more on threat vectors and specific scenarios rather than specific malware in order to create effective defense.
In terms of an organization’s security governance, there will be increased pressure on correct risk management, where it all starts, and the connected processes such as vulnerability management with immediate patching. Organizations also need to make sure that their “safety net” created by business continuity and disaster recovery truly covers everything that “may break” and the correctly recognized residual risks accepted. Organization should simply assume a major disruption not only during BC/DR design.
A really good move: partnering with HPE Pointnext
HPE Pointnext has developed a set of best practices to protect against today's rising number of sophisticated known and upcoming unknown malware threats. Our approach is based on extensive experience gained from helping companies around the world – large and small - during their major disruptions. That experience helps us identify and address the most critical and vulnerable areas. It also enabled us to estimate consequences of a practice we may observe. That is very helpful for organizations which would prefer to learn from others’ mistakes, rather than from their own.
Basically, HPE Pointnext has sets of services that cover an enterprise’s entire cyber-security story – starting at the governance level and going down to deep technical details – to create the overall security posture that’s right for them.
Fighting back
It is important to remember that security really needs to be part of the planning and design of every project. This approach will eliminate many painful additional and unplanned changes which not only cost money or increase the risk of being breached but also cause the plans run significantly longer and make employees, management or any stakeholders really unhappy.
Also keep in mind that cyber-security is an ongoing thing. It simply never ends … just like technology evolution seems to be never-ending. You need to create a plan to ensure that your security posture remains just as effective tomorrow as it is today.
HPE can help you in all of these areas.
Featured articles:
- Biggest cyberthreats according to top cybersecurity experts
- Want to know the future of technology? Sign up for weekly insights and resources
Martin Zich is a cyber-security consultant, and member of HPE Worldwide security team,. He has 10 years of experience in the security industry and focuses on various cyber-defense and attacking techniques connected solutions and products to ensure information security, privacy and overall cyber-resiliency. Martin specializes in both deep-diving technical advisory and overall cyber-security strategies, correct governance and addressing various compliance requirements.
- Back to Blog
- Newer Article
- Older Article
- Willa on: Coffee Coaching's "Must See" Discover Virtual Expe...
- Willa on: Keep SMBs protected & enable remote working with W...
- Willa on: Get HPE Gen10 Servers with Windows Server 2019 up ...
- mitchyfel on: HPE joins the Microsoft Azure Expert Managed Servi...
- UrsRenggli on: Imagining the Possible, from Edge to Cloud with Mi...
- Willa on: Windows Server 2019: Coming Soon from HPE!
- Willa on: Act now: upgrade from Windows Server 2008 with si...
- Willa on: Storage Spaces Direct (S2D) and Windows Server Sof...
- TARichardson on: Guess who won 5 CRN 2018 Products of the Year Awar...
- Willa on: Server basics: HPE ProLiant Gen10 Server types for...
-
Accenture
1 -
Citrix
12 -
Coffee Coaching
277 -
Event
62 -
Microsoft
162 -
Red Hat
2 -
SAP
26 -
Strategic Alliances
20 -
Veeam
7 -
VMware
14
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2021 Hewlett Packard Enterprise Development LP