Podcast: Mitigating Zero Day Threats

DATA SECURITY PODCAST

In a recent podcast interview with Steve Morgan, editor-in-chief of Cybercrime Magazine, Robert E. Johnson, III, Cimcor CEO/President discusses the latest views on data security and the importance of system integrity monitoring and best practices for businesses regarding file integrity monitoring.   The podcast can be listened to in its entirety below.

 

Welcome to The Data Security Podcast sponsored by Cimcor. Cimcor develops innovative, next-generation file integrity monitoring software. The CimTrak Integrity Suite monitors and protects a wide range of physical, network, cloud, and virtual IT assets in real time while providing detailed forensic information about all changes. Securing your infrastructure with CimTrak helps you get compliant and stay that way. You can find out more about Cimcor and CimTrak on the web at cimcor.com/cimtrak. 

Q: Joining us today is President and CEO Robert Johnson, III. Robert has been a pioneer in the development of next-gen, system integrity monitoring, self-healing systems,  and cybersecurity software. Rob, great to have you back with us.

A: Great to be back with you, Steve, as always.

Q: So cyber security ventures conducted some research in an area that you are intimately familiar with. We are looking ahead to 2021, and by the end of 2021 expecting there to be approximately 1 zero-day exploit per day. That’s up from one per week in 2015. So we want to talk to you about zero-day attacks. Has the industry gotten better at detecting them, and why? And why haven’t they? If not and also your observation. Are you seeing what we are seeing as many new zero-day exploit as we are?

 

A: Yes your data is correct. Zero-day exploits are a real problem. And what is sad is that this is the problem despite all of the cool new security tools that are coming out constantly. Over the last few years, what we’ve seen,  it corresponds to your data, is the meantime to detect a breach has gotten worse.

 

The Ponemon Institute reports that the average time to detect a change is now 185 days. So that zero-day attack that you described that’s occurring every day won’t be detected for more than half a year. So that’s quite concerning. I believe that the security industry is really attacking the problem from the wrong direction.

 

Just because the focus is always on identification and security. Because that’s attractive and interesting. People want to identify threats and give it a name and they do it via a variety of methods whether its AI, or heuristics or statistical methods and I know that makes people feel better. If you can identify the threat, and name it. But in reality, what really matters is keeping your system secure from a threat regardless of the name of that threat or its identification.

 

So we believe the real key to securing your infrastructures in light or in this world where there is one new zero-day attack or zero-day exploit every day, is to focus on understanding when the state of assets in your IT infrastructure have changed.

 

And when I say the state of assets I really mean the integrity of those assets. Because if you can stabilize and ensure that the integrity of all those assets haven’t changed over time, you can guarantee the integrity of those assets. And then you’ll be able to mitigate most threats.

 

 

A: Look forward to being with you again Steve.