With so many security breaches in the headlines, from Home Depot to JP Morgan to Dairy Queen, it would appear that cybercriminals are winning the arms race against security professionals. Multinational retailers and banks are generally on the cutting edge of security technology adoption in the private sector, deploying a wide range of the latest network, application, physical and policy-based security defenses across their organizations.
One of several answers is that malware is evolving and adapting to evade detection by traditional defenses. Signature-based antivirus (AV) and web gateway technologies can’t keep up with the rapid evolution of evasive malware. As my Lastline Labs colleague and fellow Lastline cofounder, UCSB Professor Dr. Giovanni Vigna, wrote in May, nearly half of malware gets past signature-based AV technologies on Day 0, and some malware gets past some AV scanners for a full year.