The views of the visionary I spopke with from this veteran anti-malware company took the conversation in directions I had not expected. He started out by asking, “Why, if I have done everything I can to secure my enterprise, is my data still being compromised?”
So, of course, I said, “OK. Why?” Today’s threats, especially those brought into the enterprise over the internet, now are dynamic and obfuscated. The really difficult part of the problem is that a lot of these dynamic and obfuscated threats are from trusted sites. Because the attacks are dynamic – always changing to avoid detection – most anti-malware products are not designed to catch them.
Moreover, most cybercrooks know how to bypass anti-malware measures. So, if you are an innovator in this market, how do you attack the problem?
First, you develop a real-time inspection technology that is both responsive and comprehensive. And you inspect packets as they actually will appear in the browser, not just the header information.
Second, you look at the future and anticipate where the new challenges will emerge. The prevalence of widgets and gadgets poses a huge potential problem. This is a case of users inviting the problems from the internet onto their computers without realizing it. Again, these add-ins are likely to be downloads from trusted sites.
SaaS and cloud computing are becoming more popular due to cost savings and performance characteristics. This challenges content management software to operate in such a high performance environment. Security, Finjan predicts, will need to be in the cloud itself.
What, in this innovator’s view, should content management products look like? First, you need the same level of control and reporting in security products that you would expect in any IT product. In terms of content management, that is very important because the ability to provide detailed, accurate compliance reports is a key requirement these days.
Given that you can accomplish this, the next step is to be able to evolve control and reporting over time as conditions evolve. “No problem,” says Finjan. This is the focus of their content management efforts. And that makes sense. Who else but an experienced researcher and provider of advanced anti-malware products would be looking at content management as the next frontier?