IT security: five misconceptions
Various misconceptions circulate around the topic of IT security. Five misconceptions will be cleared up here.
Hardly anyone questions the great importance of IT security. But who is responsible for it and how can it be realized? There are still many misconceptions about this. Bromium clears up five common ones.
- Cyber security is primarily an issue for the IT department
IT security has become an extremely business-critical component for most companies. This also applies to public authorities, which are increasingly relying on digitization and online services. That is why security can no longer remain a purely IT issue. Rather, it must be placed "right at the top." It goes without saying that the responsibility of the individual employee also remains. Regular awareness training for cyber dangers is essential.
- IT security is too complex
Indeed, companies and public authorities alike are complaining about the increasing complexity of IT security. In many cases, however, these are homemade problems. The latest technologies are continuously being implemented, such as solutions based on artificial intelligence (AI) and machine learning (ML), or security information and event management (SIEM) systems that are complex to implement. Naturally, this increases complexity, and gradually, perhaps, security. But the question arises as to whether the investments really always make sense if security is improved only in isolated areas.
- Awareness solves many problems
Companies and authorities alike are increasingly recognizing the limitations of their defensive measures. They are therefore also intensifying employee training with regard to cyber dangers. The Federal Office for Information Security also considers corresponding awareness campaigns to be indispensable. Such measures are correct, but they do not solve all problems by a long shot. Even the best-trained and most cautious employee can be easily outwitted with intelligent attack methods.
- The browser is the biggest source of danger from the outside
When it comes to external threats, the browser poses the greatest danger - this is a common assessment, but it is at least partially wrong. Although the browser is the most important transport route for attackers along with e-mail programs, attacks via the browser code itself have clearly become less important; in contrast, file-based attacks currently pose the greatest threat. For example, an analysis of malware encountered by Bromium customers and not detected by classic security solutions shows that around 90 percent of all attacks are file-based, whether via malicious downloads or malicious e-mail attachments.
- SOCs provide comprehensive security
Many companies and government agencies are considering using the services of so-called Security Operations Centers (SOCs) because they cannot get a grip on cyber threats on their own, often for resource reasons. However, SOCs are not a panacea for security threats either; their effect is reactive at best, since they focus on the detection, analysis and remediation of security problems. New malware thus poses problems for them, just like any other classic security solution.
Conclusion
"There are still many misconceptions about how to achieve the highest possible security," explains Jochen Koehler of Bromium. "The cardinal mistake here is to rely mainly on detection. With solutions that rely on attack detection, previously unknown malware is almost impossible to detect. The only logical consequence is to isolate all threats resulting from risky user activities with data from foreign, untrusted sources."
Source: Bromium