As regular readers of the CimTrak blog likely already know, there are a few yearly occurrences (such as reports or events) that we keep abreast of and like to chime in about here. The Verizon Data Breach Investigation Report is one of those pieces that we wait eagerly for each spring. You can check out our thoughts on the 2014 report here [link], if you would like to read what was compelling about the report last year.

 

Malware, Malware Everywhere

One notable point in the report concerns how black-hat hackers and malware developers are using creativity to circumvent traditional antivirus, which relies on signature and hash-matching techniques to recognize threats. By making small changes to the code of their malware, these cybercriminals are able to avoid detection.

A recent revelation is startling security professionals: almost 1 million pieces of malware are coming to light every day [1].

So is the value of antivirus technology diminishing? On page 21, the report states that 5 new malware instances are emerging EVERY SECOND! While it didn’t go so far as to say “AV is dead,” it did say that leaning on a signature-based approach alone is not enough. If all this isn’t enough to give you chills as an industry insider (let alone as a citizen whose domestic life relies on technology to meet daily needs), many of these malware instances are specifically and uniquely designed to cripple a single organization. The report posits that 70-90% are targeted in this manner.

 

Concerns on the PCI Front

If you are looking for more detail about the state of the payment card industry (PCI), please take a look at our blog post on the 2015 Verizon PCI Compliance Report. There was a wealth of detail within that document that is applicable to our customers and partners. Of course, if you are interested in the deeper nuts and bolts, you should definitely go read both of these reports for yourself.

Some points of the 2015 Verizon PCI Compliance Report were:

  • Compliance with Requirement 11 has fallen behind
  • Many organizations are not adequately monitoring “in-scope” systems
  • File integrity monitoring/change detection is hard to use & very costly

 

Taking Control of PCI Compliance & Malware

With the file integrity monitoring and change detection platform that CimTrak offers, these points no longer need to be an issue. File integrity monitoring (FIM) and change detection don’t have to be difficult to use and expensive. CimTrak is used by many organizations because it makes FIM simple and comes at a budget-friendly price. No extensive training is involved, which means that everyone in your organization can understand the solution and actually use it.

So how do you detect the targeted malware mentioned in the report once it evades perimeter defenses?

With CimTrak, malware can be immediately detected and IT staff can be alerted to it via email in real time. Complete information can even be sent off to a Syslog server or SIEM for further analysis. What’s more, malware can even be completely prevented from taking up residence on your systems by utilizing the “Deny Rights” mode. Now that’s protection!
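The contrast drawn above between hash matching and change detection, as an added example (this is not CimTrak's code and not taken from the Verizon report): a hash blocklist misses a sample that differs from the known one by a single byte, while a comparison against a trusted baseline still flags the new and altered files. The file names and sample bytes are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    """Return the SHA-256 hex digest of a file (small files; read whole)."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def snapshot(root):
    """Map each file's path (relative to root) to its digest."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            snap[os.path.relpath(full, root)] = sha256_file(full)
    return snap

def blocklist_hits(snap, known_bad):
    """Signature-style check: flag only files whose digest is already known."""
    return sorted(p for p, d in snap.items() if d in known_bad)

def integrity_diff(baseline, current):
    """Baseline check: flag anything added, removed or modified."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }

def demo():
    """Constructed scenario: harmless placeholder bytes stand in for a sample."""
    known_sample = b"PLACEHOLDER-SAMPLE v1\n"   # constructed, not real malware
    variant = known_sample + b"\x00"            # same content plus one byte
    known_bad = {hashlib.sha256(known_sample).hexdigest()}
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "app.conf"), "wb") as f:
            f.write(b"mode=prod\n")
        baseline = snapshot(root)               # trusted state recorded here
        with open(os.path.join(root, "update.bin"), "wb") as f:
            f.write(variant)                    # unknown file appears
        with open(os.path.join(root, "app.conf"), "wb") as f:
            f.write(b"mode=debug\n")            # existing file is altered
        current = snapshot(root)
    return blocklist_hits(current, known_bad), integrity_diff(baseline, current)

if __name__ == "__main__":
    print(demo())
```

The blocklist returns no hits because the variant's digest is new, while the baseline diff reports one added file and one modified file.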

References

[1] http://money.cnn.com/2015/04/14/technology/security/cyber-attack-hacks-s...

Post by Jacqueline von Ogden
April 30, 2015
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".
