- Community Home
- >
- Partner Solutions and Certifications
- >
- Alliances
- >
- More malicious than ever: Preparing for today’s an...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Printer Friendly Page
- Report Inappropriate Content
More malicious than ever: Preparing for today’s and next-generation malware attacks
By Martin Zich
Malware is a shortened version of “malicious software.” And we are just now finding out how malicious that “ware” can be. Not that we have not faced malware threats in the past. But the malware we are staring to seeing today … and the threats we anticipate seeing in the future … give a new meaning to maliciousness and destructiveness.
Upping the threat level
Today’s malware uses various techniques to defend against detection like using polymorphic files, encryption, sandbox awareness during detection and more. But even bigger problem is the number of new types of malware being created. That’s because it is now really easy to create a custom malware. Even a person with average IT skills can do it. We will also be dealing with a huge amount of simple “one-purpose” malware which may not be so advanced, but simply takes advantage of already known weaknesses. The sophistication of infection, hiding and pivoting techniques will probably still keep rising.
Note that the widespread adoption of cloud and also hybrid environments further complicates the situation. By adopting those solutions the companies need to count with giving up some of their control and visibility as well. Suddenly your information are not only at your server but also somewhere in cloud so you may need to adopt specific techniques/controls to mitigate the risk of their leakage or integrity. Critical information could travel across public networks. You may be sharing physical infrastructure with other companies of all types and locations.
So how does an enterprise deal with these growing threats?
Aligning the response
The best way to make a bad situation better is to adopt adequate machine learning defense, based on experience made by other similar organization and users in the cyber-world. Cyber professionals will focus more on threat vectors and specific scenarios rather than specific malware in order to create effective defense.
In terms of an organization’s security governance, there will be increased pressure on correct risk management, where it all starts, and the connected processes such as vulnerability management with immediate patching. Organizations also need to make sure that their “safety net” created by business continuity and disaster recovery truly covers everything that “may break” and the correctly recognized residual risks accepted. Organization should simply assume a major disruption not only during BC/DR design.
A really good move: partnering with HPE Pointnext
HPE Pointnext has developed a set of best practices to protect against today's rising number of sophisticated known and upcoming unknown malware threats. Our approach is based on extensive experience gained from helping companies around the world – large and small - during their major disruptions. That experience helps us identify and address the most critical and vulnerable areas. It also enabled us to estimate consequences of a practice we may observe. That is very helpful for organizations which would prefer to learn from others’ mistakes, rather than from their own.
Basically, HPE Pointnext has sets of services that cover an enterprise’s entire cyber-security story – starting at the governance level and going down to deep technical details – to create the overall security posture that’s right for them.
Fighting back
It is important to remember that security really needs to be part of the planning and design of every project. This approach will eliminate many painful additional and unplanned changes which not only cost money or increase the risk of being breached but also cause the plans run significantly longer and make employees, management or any stakeholders really unhappy.
Also keep in mind that cyber-security is an ongoing thing. It simply never ends … just like technology evolution seems to be never-ending. You need to create a plan to ensure that your security posture remains just as effective tomorrow as it is today.
HPE can help you in all of these areas.
Featured articles:
- Biggest cyberthreats according to top cybersecurity experts
- Want to know the future of technology? Sign up for weekly insights and resources
Martin Zich is a cyber-security consultant, and member of HPE Worldwide security team,. He has 10 years of experience in the security industry and focuses on various cyber-defense and attacking techniques connected solutions and products to ensure information security, privacy and overall cyber-resiliency. Martin specializes in both deep-diving technical advisory and overall cyber-security strategies, correct governance and addressing various compliance requirements.
- Back to Blog
- Newer Article
- Older Article
- JoeV_The_CT on: Streamline AI Workloads with HPE & NVIDIA
- iVAN LINARES on: Curious about Windows Server 2022 downgrade rights...
- HPEML350_22 on: Windows Server 2022 is here: how to implement it o...
- testingis on: How are you going to license that new server? A st...
- wowu on: Pick up the pace
- nice345 on: Don’t let the time slip away
- vmigliacc on: Frequently asked questions about HPE solutions for...
- MassimilianoG on: What are downgrade and Down-edition rights for Win...
- harithachinni on: Coffee Coaching's "Must See" Discover Virtual Expe...
- FannyO on: TOP 10 Reasons for choosing HPE for SAP HANA
-
Accenture
1 -
Citrix
13 -
Coffee Coaching
346 -
Event
62 -
Microsoft
180 -
Red Hat
7 -
SAP
37 -
Strategic Alliances
66 -
Veeam
8 -
VMware
32