– During 2020 organizations should start focusing more on having full visibility across their entire infrastructure, regardless of type of endpoint (physical or virtual) or their location (on premise or in the cloud). Visibility helps both in terms of accurately assessing what type of security technologies work best for each instance, causing the least performance impact while offering the best protection, and in terms of timely getting security alerts that could potentially be indicative of a security breach. For instance, advanced and sophisticated malware that’s specifically targeting individual organizations might fly under the radar of traditional endpoint security solutions, but with the right network and endpoint sensors (associated with Endpoint Detection and Response capabilities), IT and security teams can get early warning signs of suspicious actions usually associated with data breaches. The main focus for organizations during 2020 should be detecting sophisticated malware and potential data breaches as early on as possible, before they reach the final stage of the attack when data gets exfiltrated or is permanently lost. Preventing all data breaches may be an impossible task, but stopping them before they do irreparable financial and reputational damage is definitely possible with an adequate security stack and visibility.
How can you as a company keep up with all the turns yourself? Do you have any tips?
– The cybersecurity industry is probably one that innovates the most during the shortest sprints. Effective cybersecurity technologies need to be proactive, layered, and augmented by constantly tuned machine learning algorithms designed from the ground up by some of the best researchers and mathematicians. We’re basically a security technology company, meaning that we’re constantly investing in R&D for new security technologies designed to both protect against new or unknown threats, and to be fully integrated with the latest cloud, virtualization, and data center infrastructure technologies. In the last three years alone, Bitdefender has registered 48 patents for pillar technologies, out of a total of 136 recognized so far. Another 230 patents are under examination, and a tenth of the total are in the field of artificial intelligence and machine-learning, the main weapon in the fight against new and unknown threats. R&D is at the core of keeping up with the ever-evolving cybercrime industry, and we have a good track record for developing industry-first security technologies that have been tested, proven, and awarded among the best for effectively detecting and protecting against even the newest threats.
If the accident has occurred and you are hit by an infringement – what is the absolute first action?
– The first thing any organization needs to do when a potential data breach or infection has been reported is identify the affected systems and quarantine or take them offline in order to contain the intrusion. Stopping the infection from spreading or the attackers from reaching other vital areas of the infrastructure is critical. These actions need to be taken in a way that does not contaminate any forensic evidence that could be relevant during the investigation. Of course, any business or organization should have an incident response plan that details what actions need to be taken during each step of a potential data breach.