The need for active response to advanced threats – passive remediation is insufficient

The need for active response to advanced threats – passive remediation is insufficient

Report Author(s): Fran Howarth

Today’s advanced attacks are increasingly pernicious, with attackers looking to bury deeply into networks so that they can carry out their deeds over long time periods, increasing their chances of garnering a horde of sensitive, valuable information. Those attacks are so widespread that every organisation should consider that it is a victim. It is no longer if, but when and how often an organisation will be attacked. Prevention alone is no longer sufficient.

Rather, organisations need to be proactive in seeking out incidents that have occurred and in actively removing threats. A strategy of containing threats is just a stopgap. Manual investigation and remediation of individual threats—often with the aid of a services organisation, whose mitigation efforts are often not repeatable—must be replaced with automated threat removal. This will allow an organisation not only to recover from security events faster and more efficiently, but will allow it to benefit from the automated learning offered by security platforms that provide effective tools for threat removal, providing it with the ability to better safeguard itself against similar events in the future. In this way, business disruption will be minimised and the organisation will be better able to get on with what it does best.


Bloor Research

Bloor is an independent research and analyst house focused on the idea that Evolution is Essential to business success and ultimately survival. For nearly 30 years we have enabled businesses to understand the potential offered by technology and choose the optimal solutions for their needs.