Some Context on Malware in the Enterprise

January 26, 2011 By BobGourley

I’ve previously written about a company I advise called Invincea. They have just been named a finalist for the Most Innovative Company at the RSA 2011 conference. This is a big deal. And it is for good reason. If you are concerned with malicious code please check them out.

Invincea has allowed me to contribute some context on key issues with malicious code in the enterprise. Some of that context is in a short video clip pasted below:

httpv://www.youtube.com/watch?v=8kw9VW5Cm9w

I imagine to most enterprise security professionals the things I say in the clip are pretty much obvious. I talk about users doing what users are supposed to do and how frequently that results in malicious code being brought into the enterprise. I point out something that COL Larry Frank taught me in 1998, that anti-virus protection is necessary but not sufficient. And I talk about the many things we have tried like blacklisting sites, whitelisting sites etc. And of course I talk about defense in depth strategies. I lead, naturally, to the point that you must stop malicious code at the browser. I underscore the “so-what” about the Invincea approach.

One point to remember: Somewhere in your enterprise today, there is a user who is violating your policy and clicking on something they should not be clicking on. Perhaps they are intentionally violating policy. But odds are they have just been tricked. How do you defend against threats that exploit these human-based weaknesses? Defense in depth, of course, and a key component of that defense should be Invincea, in my opinion.

For more see: http://www.youtube.com/watch?v=8kw9VW5Cm9w

Related articles