SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
When it comes to malware, think like James Bond and trust no-one
Fri, 8th Oct 2021

Anyone who has ever watched a Bond movie will know that James Bond has a trust complex. Whether it's M, MI6, or a femme fatale – Bond always gets into trouble when he trusts the wrong person.

Arguably though, it's his ‘trust no-one’ instinct that's kept him alive through 25 films.

And much like the omnipresent Spectre, cyber-crime continues to adapt and innovate with lethal effect. The recent spike in ransomware attacks over the past six months demonstrates cyber-crime's increasing sophistication.

Thousands of new strains of zero-day malware are created every day, and signature-based protections, which rely upon reactive catalogues of threats, can't keep pace. Likewise, sandboxing files to diagnose them takes time and can fail to identify sophisticated malware that knows when it is being evaluated.

Without an up-to-date security framework in place, user credentials can be compromised, and sensitive data can be stolen through internal negligence or malicious intent.

Cloud applications and bring-your-own-device (BYOD) can serve as proliferation points for malware when they are not properly secured. Unprotected personal devices can upload infected files to corporate SaaS applications, which can then spread malware to other devices and connected apps.

That's where Bond's ‘trust no-one’ approach comes in and why it's so important to implement a zero trust security model.

Unlike traditional approaches where an attacker can exploit cyber-weaknesses upon gaining access inside a network segment perimeter, zero trust treats the identity of each user, application, device and data stream as its own independent ‘perimeter’, allowing granular access policy enforcement.

As a result, rigorous security enforcement continues even if hackers compromise a corporate network — malware is blocked from traversing between user accounts, devices, applications and networks.

According to the 2021 Bitglass BYOD Security Report, 41% of organisations rely on endpoint malware protection for BYOD. However, this approach is not ideal for personal devices which are hard to control and manage.

Cloud-based malware protection tools are often a far better fit but are used far less often. Unfortunately, 30% of organisations don't protect against malware for BYOD at all.

Implementing advanced threat protection (ATP) as part of a zero trust SASE architecture is an important step in proactively blocking known and zero-day threats. Artificial intelligence, behaviour-based protections and integrating a choice of best-of-breed vendors ensure fast and robust threat protection across all types of apps, devices, and infrastructure.

So when you're watching the newest Bond film ‘No Time to Die’, think about how different the world would be if we could finally defeat cyber-crime – with advanced technology and a little less trust.