As threats to data security become more frequent and more complex, traditional “legacy” solutions are inadequate, inefficient, and insufficient. Waiting to receive and issue security “patches” severely delays rapid responses to high-risk exposures and attacks. New security strategies and defenses must include a layered, integrated, and targeted end-to-end solution to malware, vulnerabilities, and risks.

        In 2010, the Verizon RISK Team, in conjunction with the United States Secret Service and others, issued the “2010 Data Breath Investigations Report”, stating that attacks against IT security are becoming more agile, more malicious, and more numerous. Amazingly, 97% of data breaches were through customized malware applications. Going far beyond the usual viral threats and “worms”, current attacks include hacking confidential client and customer information, unlocking critical business-sensitive environments, compromising network hosts, and performing unauthorized message relaying.

        When IT departments conduct an assessment of vulnerabilities, the results are often disconnected with the actual remediation and control solutions implemented. The management strategies for data security are often deployed system-wide when more prioritization remedies based on type of assets and severity of vulnerabilities is needed.

        The recent trends in vulnerability assessment and remediation point to a more integrated approach that closes defense gaps and more actionable threat responses that provide more effective and cost-efficient solutions for data security management. While most patches and more traditional legacy solutions focus on external attacks, it is just as important to attend to internal threats such as malware, which directly targets the users with spam or through browser and web applications in order to gain access to sensitive information. Guarding individual systems can help to detect and deflect entry into user systems by complex malware applications.

        Layered security solutions include multifunctional intelligence resources to identify the more complex and rapid threats to data security that are present today. Virtualized environments and systems need to be continuously scanned and defended wherever they are hosted, and internal as well as external exposures to the host should be coordinated and assessed inside and outside of the enterprise or MBE. A comprehensive solution includes vulnerability assessment for web applications and a combination of related, rather than isolated, remediation approaches.