EXPOSING THE UNKNOWN: HOW SANDBOXING TECHNOLOGY FIGHTS MODERN THREATS

Exposing the Unknown: How Sandboxing Technology Fights Modern Threats | White Paper Cybercriminals don’t discriminate. Advanced persistent threats have targeted both large and small organizations alike. You don’t have to be a government agency, a massive financial institution, or an energy company to become a victim. It’s all about the information. Virtually all companies have information that is damaging in the wrong hands and must mitigate these threats. THE CONSEQUENCES The consequences of not protecting your company’s data and networks are dramatic and severely damaging to all those involved. We don’t have to look very far to find evidence of data and network breach catastrophes – Anthem, Target, Home Depot, and Sony, just to name a few. There can be downtime from compromised systems, loss of intellectual property and the burden of remediation such as restoring systems from backups. With the average cost of a data breach at $154 per record according to Ponemon research, and many incidents involving thousands, or even millions of records, the average total cost of a single data 3 breach rose 23 percent to $3.79 million in 2015. Reputation and Customer Trust Data breaches cause potentially long-lasting damage to your brand and reputation. Brand value on average decreases 21% as a direct result of a security breach. Recovering and restoring your reputation takes time. Ultimately, a data breach leads to decreases in customer trust because your company wasn’t able to protect their personal information. Drained Resources The 2013 Target breach is perhaps one of the biggest examples of the extreme financial loss for companies that fall victim to a security breach. Total reported losses to date exceed $248 million. This figure includes insurance payments, card reissuance costs for customers, liabilities to payment card networks, and expenses for legal, investigative, and consulting fees. Some sources estimate that the costs will ultimately reach more than $2.2 4 billion when including losses from fraudulent charges . This does not include the potential costs to their customers who are concerned about identify theft and credit reputation. Financial institutions usually have the burden of paying the costs of reissuing cards, as well as initial responsibility for fraudulent charges made on compromised credit cards. In some cases, issuers may attempt to recover these costs from retailers for not properly securing their networks and data according to industry standards such as PCI/DSS. Financial institutions can claim a vast array of damages – for costs associated with notifying customers, closing accounts and opening new ones, reissuing credit cards, and refunding any customer losses. It’s also important to note that large companies like Target and Sony are not the only ones being hacked. As described earlier, it’s about the information. Cybercriminals seek opportunities in organizations of any size. They are drawn to the low hanging fruit, which make small businesses a big target. According to Trustwave research, 90% of data 5 breaches impact small businesses. They are consistently hit with social engineering and spear-phishing techniques. And the financial losses can be huge. 3 Korolov, Maria. "Ponemon: Data Breach Costs Now Average $154 per Record." Ponemon: Data Breach Costs Now Average $154 per Record. CSO, 27 Mar. 2015. Web. 16 June 2015. 4 Weiss, N. Eric, and Rena S. Miller. "The Target and Other Financial Data Breaches:." (2004): n. pag. The Target and Other Financial Data Breaches:. Congressional Research Service, 4 Feb. 2015. Web. 20 June 2015. . 5 Trustwave. "2015 Trustwave Global Security Report." (2015): Trustwave Global Security Report. Trustwave, 2015. Web. 1 June 2015. . ©2015 Check Point Software Technologies Ltd. All rights reserved. [Restricted] ONLY for designated groups an d individuals June 2015 CONSIDER THE STATISTICS ? Every 24 seconds, a host accessed a malicious website. ? Every 34 seconds, an unknown malware is downloaded. ? Every minute, a bot communicated with its command and control center. ? Every 5 minutes, a high-risk application is used. ? Every 6 minutes, known malware is downloaded. ? Every 36 minutes, sensitive data are sent outside of the organization. Exposing the Unknown: How Sandboxing Technology Fights Modern Threats | White Paper The Ultimate Lesson Breaches can bring your business to its knees. They impede normal business activity and cause your business to cease functioning properly. You have the ultimate responsibility of making sure your company’s information is secure. So, how do you protect your company in the digital age? You need intelligent technology that keeps up with the threat landscape – technology that can detect and block unknown threats. THE SANDBOX SOLUTION The word “sandbox” brings images of a child’s sandpit in a backyard or on a school playground to our minds. In the software world, it’s actually quite similar. Just like a sandbox is a safe environment for children to play (without destroying other parts of the backyard), a sandbox is a safe environment to evaluate suspicious files, so they don’t wreak havoc on your networks and data. Sandboxing has emerged as a powerful weapon in cyber security – and rightfully so. It is extremely effective at spotting malicious files and targeted attacks that evade traditional signature-based defenses, such as antivirus technology. Here’s how it works: Sandboxing captures an executable file or document and activates that file in a virtual machine or “emulator” that provides a deep analysis that antivirus or firewalls simply can’t deliver. In this controlled environment, potential threats are unpacked and run to see exactly how the executing software behaves, without accessing production systems or the network. If executing files and/or software prove to be malicious, they are dealt with accordingly. This important security technique prevents malicious files or programs from damaging your network or confiscating your information. For detecting unknown threats, sandboxing is very effective and absolutely necessary. As the modern threat landscape continues to evolve, sandboxing will become an integral part of every organization’s overall security arsenal. “ SANDBOXING HAS EMERGED AS A POWERFUL WEAPON IN CYBER SECURITY. TRADITIONAL SANDBOXING Several cyber security companies offer sandboxing technology to analyze potential malware. However, not all sandboxes are equal. Some sandboxes detect unknown malware, but do not actually block malware. More advanced sandboxes share information on newly identified malware with cloud intelligence networks. This expedites the circulation of new attack data, enabling connected organizations to rapidly protect themselves. With a plethora of new
Please complete the form to gain access to this content