The Changing Security Landscape

As email security becomes more mature and effective, malicious software threats are migrating from time-delayed SMTP email traffic to real-time HTTP Web traffic. At the same time, the risk of sensitive personal and corporate information being stolen is growing exponentially as more and more business is conducted over the Web. Since 1999, more than 90 percent of all documents have been produced digitally; more than 42 percent of all U.S. Internet users have online banking accounts; and more than 160 billion e-mail messages are sent daily, according to computer services firm CSC. Businesses are more vulnerable to these Web-based threats, and hackers are focusing on the Web vector as the easiest route into the network.

Source: CP Labs

Additionally, cyber criminals are developing blended threats that leverage weaknesses in one communication method to target another, increasing the need for security across multiple protocols. Exploits to browser vulnerabilities are combined with backdoor programs, rootkits and keyloggers to infiltrate corporate networks through multiple attack vectors and achieve multiple malicious goals at the same time.

Key developments include:

• The nature and scale of malware threats are changing and the Web browser has become one of the most vulnerable points of entry.
• Computer crime is now motivated by financial gain and has become highly organized and increasingly stealthy.
• The emergence of spyware is a visible example of how the threat landscape has changed. Spyware represents the fastest growing area of Web threats, and spy programs are quickly overtaking traditional viruses and worms as the most prolific security threats to business.
• Despite the proliferation of mobile devices, the Internet gateway remains the most effective and logical location to combat malware attempting to enter the corporate network.