Are Enterprises Flying Blind When It Comes to Advanced Malware?

The worst attacks are not always the fastest moving ones—the ones you should watch for are those that sit and wait. Advanced malware often exfiltrates data by patiently waiting for its opportunity to strike—stealing it one small piece at a time in the background.

Given this reality, what do organizations think about the dangers of advanced malware? Our friends at Webtorials conducted a survey of IT professionals to find out. The study found a high level of awareness around advanced malware, but also found that most organizations do not possess the means to detect, isolate and repair the damage. Investments in better tools are being made, but current policies only mask these security issues, rather than resolving them.

Here is an overview of the more notable survey findings:

1) Awareness

94% of organizations said they are aware of the dangers advanced malware poses, and 73% said they view advanced malware as a significant concern. Surprisingly, only 31% employ specific tools to fight it.


Data from Webtorials study: “Doing Battle with Advanced Malware” 

2) Threat volume and resources

57% say they experience fewer than five attacks in a week. This seems low, but could result from a lack of appropriate tools to detect the attacks. The 24% of respondents who spend upwards of 10 hours a week on advanced malware incidents corresponds more closely with those who have appropriate detection tools, which could point to a large percentage of respondents being unaware of many attacks.



3) Current Investments

40% of those surveyed said their organizations possess tools for detecting, blocking, and remediating advanced malware threats, while another 30% possess tools for detection and blocking, but not repair. The final 30% said they have no advanced malware security tools, or that they’ve invested in detection tools only, leaving them with no way to address and repair in the event of an incident.




While a good portion of enterprises are aware of advanced malware and consider it a huge or significant concern, many do not prioritize it when it comes to security. The majority of the prevention budget goes toward detection-only tools that offer no solutions for stopping and eradicating malicious code that has already gotten in. Even though enterprises don’t seem to experience a massive volume of advanced malware incidents each week, they spend a substantial amount of time resolving the few that they do get. Currently, sandboxing is still the most commonly used tool to identify malware, but on its own it cannot alert a business to network threats with complete accuracy or speed, nor stop them once they have been identified.

To not only preempt but also mitigate advanced malware, enterprises should take an integrated and layered approach. In addition to detection, it is crucial to have a way to halt an infection and clean up any damage it may have caused. Combined with traditional network security solutions, new multi-faceted tools can create a holistic, comprehensive approach to halting advanced malware and other threats before serious harm can be done.

