The growing complexity (Part 1) of today’s networks and the growing sophistication of today’s threats has outpaced the ability of most traditional security devices to keep up. Until now, the approach of far too many IT teams has been to simply throw more money at the problem by adding yet another device into their security wiring closet. Billions have been spent on this approach every year for decades, and we really don’t have much to show for it. If cybersecurity is an arms race, the good guys aren’t winning.
Instead, security professionals can take a handful of simple, basic steps to better protect their networks.
First, it’s worth noting that 90 percent of all organization face attacks on application vulnerabilities that are at least three years old. 60 percent of these attacks target vulnerabilities that are ten years old. And they continue to be successful – so much so that we have seen cybercriminals switch development resources from new ways to break into networks to more sophisticated tools to use once they get inside. Because for many of these attackers, the assumption is that they are going to get in.