Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


“Security Before, During and After the Threat” –Watchwords for Today

Leon Ward

By Leon Ward, UK Field Product Manager, Sourcefire

“An ounce of prevention is worth a pound of cure.” Coined by Benjamin Franklin back in 1736, and applicable to so many aspects of life and business, the phrase even served the IT security industry well for the first quarter of a century. But today this phrase no longer rings true. Leon-Ward

As our protection methods get better and better and security effectiveness levels reach new heights, the bad guys are digging deep and using advanced malware, targeted attacks and new attack vectors to try to circumvent existing protection methods. These attacks are so stealthy that many security professionals struggle to determine if they even have an advanced malware problem. These malicious threats hone in on their victims, disguise themselves to evade defences, can hide for extensive periods and then launch their attacks at any time. Given this new level of sophistication, malware outbreaks are inevitable.
Once you do identify malware on your network, there remain a lot of unknowns, for example: How did the malware get in? How extensive is the outbreak? How does the malware behave? What is needed to recover? How can the outbreak be stopped?
To answer these questions and mitigate the impact of a breach, you need defences that address the full attack continuum – before it begins, during the time it is in progress and even after it begins to damage systems. Let’s take a closer look at some of the best practices in each of these phases and how layers of security infrastructure at each phase must work together for better protection.
Before an attack: It’s pretty simple. You can’t protect what you can’t see. Or, put another way, you need to know what’s on your network in order to defend it – devices, operating systems, services, applications, users, content and potential vulnerabilities. Being able to establish a baseline of information is a critical first step in defending your organisation from attack. Implementing access control over applications and users is also important in this phase. Minimising the attack surface through intelligent and granular controls reduces your organisation’s vulnerability to attackers taking advantage of today’s many attack vectors to glean information and penetrate networks. But this alone is no longer enough.
During an attack:To combat today’s increasingly sophisticated malware, you need the best threat detection possible. To help assess security effectiveness and performance levels, third-party tests of IT security solutions in real-world environments can help you separate hype from reality. Once you can detect a file as malware you can block it. And because malware changes so quickly, having the ability to learn and update detection information based on evolving threat intelligence is critical to maintaining security effectiveness. Still, given the nature of malware today,the best threat detection alone isn’t sufficient to protect your environment.
After an attack: Once advanced malware enters your network it’s safe to assume it will attempt to infect other systems. At this point, marginalising the impact of an attack becomes the end game. You need to take a proactive stance to understand the scope of the damage, contain the event, remediate it and bring operations back to normal. Technologies that provide continuous analysis so that you can take informed protection measures, and even retroactively quarantine files that may have passed through unnoticed but are now identified as malicious, can help you stem the damage and remediate.
Franklin’s words of wisdom put us on the right path. But when it comes to the challenge of defending our networks today, “security – before, during and after the threat” are more suitable watchwords.

Leon Ward
Field Product Manager
Leon works as a field product manager for Sourcefire. Prior to joining Sourcefire, Leon was involved in the design and development of open source (OSS) Intrusion Prevention Systems. Leon applies his strong background in UNIX security and protocol analysis to overcome the challenges of network security monitoring in the enterprise, specifically in the areas of network intrusion detection, threat mitigation, event analysis and vulnerability assessment. In the little spare time Leon finds, he is the lead contributor to the open source network traffic forensics project OpenFPC (Open Full Packet Capture).

About Sourcefire
Sourcefire, Inc. (Nasdaq:FIRE), a world leader in intelligent cybersecurity solutions, is transforming the way global large- to mid-size organisations and government agencies manage and minimise network security risks. With solutions from a next-generation network security platform to advanced malware protection, Sourcefire provides customers with Agile Security®  that is as dynamic as the real world it protects and the attackers against which it defends. Trusted for more than 10 years, Sourcefire has been consistently recognised for its innovation and industry leadership with numerous patents, world-class research, and award-winning technology. Today, the name Sourcefire has grown synonymous with innovation, security intelligence and agile end-to-end security protection. For more information about Sourcefire, please visit
Sourcefire, the Sourcefire logo, Snort, the Snort and Pig logo, Agile Security and the Agile Security logo, ClamAV, FireAMP, FirePOWER, FireSIGHT and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post