CISO guide to next generation threats

Defending against next-generation threats requires a strategy that moves beyond signatures and behavioral heuristics. Signatures and heuristics remain valuable against known threats: criminals never throw away an exploit toolkit or other penetration technique, they just add new capabilities and concoct new evasion tactics. But against unknown threats, traditional defenses like firewalls, IPS, antivirus and Web gateways collapse, leaving a wide-open hole for cybercriminals. Today’s attacks look new and unknown to signature-based tools because the attacks employ advanced malware and zero-day vulnerabilities. These attacks do not trigger heuristics because of techniques like camouflage, multi-stage packaging, targeting and other advanced persistent threat (APT) tactics.