Is it just me, or has the cybersecurity community really confused the issue by calling everything "APT" these days?
No question APTs are serious business. But almost every article has this undertone of fear that basically says remediation is the answer for everything. In all honesty, I stopped watching Seinfeld on Crackle (which is awesome!) because I get so much humor from the cybersecurity articles I'm reading. When I stop laughing, though, I find them seriously unfortunate and awkward based on the advice they’re offering CIOs and CISOs.
There’s a segment of the cybersecurity community that wants you to believe the following:
Are you kidding me? Is this World War Z? Do I hear Private Joker saying, "Is that you John Wayne? Is this me?"
Many IT and security professionals are in jeopardy of losing their reputations and jobs not because they lack skills but because entrenched cybersecurity companies are dropping the ball when it comes to helping them protect their assets.
Whenever you see so much fear being peddled, it’s usually an indicator that industry vendors are struggling to evolve and innovate. What these fear mongers forget is that a FUD message alienates CIOs and CISOs from the rest of the C-suite. Fear – of “APT”, of anything – does nothing to show how the IT and cybersecurity community is working to solve problems, so CIOs and CISOs become integral to the growth of the business, like other C-suite roles.
Why are many cybersecurity companies emphasizing remediation over prevention? I don't want to take away the importance of remediation, but let's keep the argument in the right context.
When we talk about remediation, what we’re really talking about is incident response. Incident response and many of the current approaches to cyber intelligence are exceptional at telling you what happened after the fact. In other words, the emphasis is on understanding how the robber got in and what they stole after the damage was done.
But this approach means increased cost and complexity when companies need agility and flexibility to survive in today's economy. I have a lot of respect for how far the IR community has taken IT and the cybersecurity industry, but far too many cybersecurity companies use the outstanding work of talented IR teams as a crutch. IR and remediation capabilities simply aren’t enough, which is why the Palo Alto Networks platform covers both detection and prevention.
Our approach to threat prevention extends from our application intelligence and control technology. The intelligence emphasis we put into evasive applications across all active network traffic has allowed us to create a highly effective threat prevention platform.
If you want payload analysis over all network traffic, applications and encryption, for example, just turn on that feature. If you want to extend your existing threat prevention and application and user policies to mobile or virtualized cloud environments, use one platform to do it. And the technology acquired through our recent acquisition of Cyvera allows us to extend everything we do in active network traffic all the way to active memory in endpoints.
We are everywhere across your network traffic, endpoint memory and virtualized cloud. Our platform:
Let’s leave behind all that fear messaging and talk about how a real platform approach can work for all of us.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.