According to the 2006 CSI/FBI Computer Crime and Security Survey, 46% of companies reported a laptop loss or theft. Who can forget TJ Maxx, the giant retailer with nearly 2,500 discount stores, whose network was compromised and from which an estimated 45.7 million credit and debit card numbers were stolen by hackers. In today’s global economy, where networks are linked together and every company has a website and email, protection from outside and inside threats is critical to the survival of any organization. Information is the lifeblood of the company.
Cybercriminals exploit any vulnerability they can find to intrude into corporate networks. Loopholes in web security are used to get malware onto a user’s computer. According to IBM X-Force: “A large number of crimeware toolkits have included 2 or 3 recent PDF exploits for use in compromising machines. These crimeware toolkits are bundles of exploits and malware that can be easily re-used by malicious parties to attack and compromise hosts. These toolkits are utilized for many different reasons; the ease of use and success rate is a big motivation. Many people utilize them to install malware at a global level, such as fake antivirus software. In this case the attacker would be paid for each install that was successful, and the owner of the software would be paid by the compromised user through nefarious means. Botnet owners also benefit from these toolkits providing a quick and easy way to grow their malicious networks. However it is used, the objective is usually financially and sometimes politically driven.” One newly infected web page is discovered every five seconds, and over 90 percent of these pages are on legitimate websites that have been compromised.
Strategy #1 - Maintain current anti-virus protection
Malware detection remains the central form of network security. Manageability and automation are important: network protection is only effective if the anti-virus software is correctly configured, deployed and updated across the whole network, including newly added computers and remote users. An automated patch management solution, together with device monitoring that detects new virus definitions and installs updates on each device, is essential for keeping security up to date.
Strategy #2 - Proactively protect the network
Traditionally, protection against malware and spam was created by security vendors collecting samples of particular viruses and spam and then developing specific signatures. Today this method is simply too slow and inadequate: there are too many targeted threats and they mutate too rapidly. Such large volumes of rapidly mutating malware require proactive, zero-day protection against threats that the vendor has not yet seen or analyzed. A common defense of this kind is a HIPS (Host-based Intrusion Prevention System), which applies behavioral analysis by monitoring what code does at runtime, so that malware can be stopped before it causes damage.
Strategy #3 - Preventive protection
Controlled network access reduces the risk of infection by ensuring that security policy is complied with by all computers, including all remote and guest machines that attach to the network. By checking systems before and after they connect, network access control software can enforce compliance with corporately defined policies. Safe web browsing needs to tie in with network access controls. Innocent-looking sites often contain malicious code that can easily infect company users and corporate networks. Blocking “bad” sites is effective; however, it is not just the sites that need to be blocked or checked, but also the content they deliver.
Strategy #4 - Standardize network applications
Unauthorized installation of software, instant messaging, games, peer-to-peer file sharing, and other entry points such as USB drives are a real and growing threat. They introduce malware to the corporate network, increasing the exposure and risk to the firm’s assets. Restricting use of these applications reduces security exposure. The protection of sensitive corporate data, especially in mobile computing, is more important than ever. The news is filled almost daily with reports of company laptops, CDs and USB keys packed with confidential information falling into the wrong hands. By using device control you can prevent data from being copied to and stored on devices like these. The problem, however, is that modern business practice often requires the use of such devices. An effective solution to this obvious weak spot is encryption, which ensures that even if the medium is lost, the data itself is protected and no unauthorized person can access it or use it as a stepping stone into the rest of the IT infrastructure.
Strategy #5 - Third party validation
Having a trusted encryption solution is a must for any organization. A third-party penetration test and security analysis adds a further level of assurance: an outside party unfamiliar with your network has tested the security measures. Major compliance challenges (such as the Payment Card Industry Data Security Standard) call for technologies in multiple security domains that must be integrated into significant portions of the enterprise infrastructure and into critical business processes. Cost and complexity cannot be contained if comprehensive solutions must be patched together from a dozen vendors. External validation can often find holes in security policies that go unseen by those inside the organization. This requires deep business and application knowledge, and the resources to integrate the complete technology solution tightly into your unique infrastructure environment and business processes. Finally, your partner must be at the forefront of security research and development, to keep your security and compliance vision forward looking and to ensure that the forces of change don’t overwhelm your ability to counter risk.
