Advanced Threat Protection: What Is It and How It Works

Jun 05

Symantec

Symantec recently released its annual report on the current IT security landscape, and much of the research is raising alarm bells for your customers:

• In 2014 it took 204 days, 22 days, and 53 days for vendors to patch the three most exploited zero-day vulnerabilities. In 2013 the average patch time was three days.

• 60% of targeted attacks in 2014 were directed at small and mid-sized businesses.

• Five out of every six large companies were targeted in a spear-phishing attack.

• 317 million new pieces of malware were created in 2014 – nearly a million new threats a day.

These are just a few of the metrics that jumped out from the report. The document was also filled with anecdotes chronicling the losing battle companies of all sizes and in every industry are fighting to secure their data. In 2015, IT has become both an essential tool and a major vulnerability that could sink the fortunes of even the largest companies. The only solution is to prioritize advanced threat protection.

What is Advanced Threat Protection?

Advanced threat protection is a response to the growing complexity and ubiquity of attacks directed at IT. Not only are the volume and sophistication of these attacks on the rise, but traditional defenses are increasingly proving ineffective. And all of this is happening at a time when the consequences of even a minor data breach can have wide-reaching effects on a company's finances and reputation.

As a result, IT security experts have developed a new paradigm for addressing these advanced threats. This approach relies on a holistic and integrated strategy rather than the piecemeal security measures of the past. Advanced threat protection has three major goals.

  • Detection - Identify threats before they affect IT

  • Protection - Eliminate threats quickly and completely

  • Response - Recognize new and emerging threats before they have been unleashed

In practice, this is the only way for companies to reap the benefits of virtualized machines, cloud computing, big data, and other hot tech trends without putting their most essential asset at risk. Any company that is not prioritizing advanced threat protection right now is flirting with disaster.

How Does Advanced Threat Protection Work?

Responding to today's threats is only possible when companies prioritize each of the three features of advanced threat protection:

  • Detection – Effective detection starts by working across all ports and portals. When an anomaly is detected, a copy of the relevant data is sent to a cloud-based platform for further analysis. This has the benefit of not slowing down network traffic while testing is in process. An optimized testing environment can run the suspicious data through a myriad of testing scenarios to determine its threat level and pinpoint the most effective response.

  • Protection – Threat protection is a time- and labor-intensive process. Advanced protection prioritizes threats for more efficient response times, and identifies all potentially affected data to eliminate gestating issues. Responders are empowered to make the most of their time and resources.

  • Response – Staying ahead of advanced threats is only possible when the global IT security community joins together. When threats are identified they are sent to a database that collects data and insights from around the world and shares them with the community as a whole. Participants benefit from the experience of others, and international business finally has a tool for eliminating small threats before they grow and spread.

The concept of advanced threat protection is still developing, but developing fast out of sheer necessity. Help guide your customers towards an enterprise-wide IT solution equipped to respond to the threats of today and tomorrow.

Topics: Beginners/Introduction
