{"id":5942,"date":"2014-06-25T15:00:02","date_gmt":"2014-06-25T22:00:02","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=5942"},"modified":"2014-06-25T13:42:45","modified_gmt":"2014-06-25T20:42:45","slug":"remediation-fear-answer-everything-really","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2014\/06\/remediation-fear-answer-everything-really\/","title":{"rendered":"Remediation and Fear Are the Answer for Everything? Really?"},"content":{"rendered":"

Is it just me, or has the cybersecurity community really confused the issue by calling everything \"APT\" these days?<\/p>\n

No question APTs are serious business. But almost every article has this undertone of fear that basically says remediation is the answer for everything.\u00a0In all honesty, I stopped watching Seinfeld on Crackle (which is awesome!) because I get so much humor from the cybersecurity articles I'm reading.\u00a0When I stop laughing, though, I find them seriously unfortunate and awkward based on the advice they\u2019re offering CIOs and CISOs.<\/p>\n

There\u2019s a segment of the cybersecurity community that wants you to believe the following:<\/p>\n

    \n
  1. You are a bad leader<\/li>\n
  2. Your organization is riddled with governance failure<\/li>\n
  3. There are too many bugs in applications<\/li>\n
  4. There is an insurmountable security gap<\/li>\n
  5. You need to hire an army of PhDs to run complicated systems<\/li>\n
  6. Attacks are all \"APT\"<\/li>\n<\/ol>\n

    Are you kidding me?\u00a0Is this World War Z?\u00a0Do I hear Private Joker saying, \"Is that you John Wayne?\u00a0Is this me?\"<\/p>\n

    Many IT and security professionals are in jeopardy of losing their reputations and jobs not because they lack skills but because entrenched cybersecurity companies are dropping the ball when it comes to helping them protect their assets.<\/p>\n

    Whenever you see so much fear being peddled, it\u2019s usually an indicator that industry vendors are struggling to evolve and innovate. What these fear mongers forget is that a FUD message alienates CIOs and CISOs from the rest of the C-suite.\u00a0Fear \u2013 of \u201cAPT\u201d, of anything \u2013\u00a0does nothing to show how the IT and cybersecurity community is working to solve problems, so CIOs and CISOs become integral to the growth of the business, like other C-suite roles.<\/p>\n

    Prevention vs. Remediation<\/h3>\n

    Why are many cybersecurity companies emphasizing remediation over prevention? I don't want to take away the importance of remediation, but let's keep the argument in the right context.<\/p>\n

    When we talk about remediation, what we\u2019re really talking about is incident response. Incident response and many of the current approaches to cyber intelligence are exceptional at telling you what happened after the fact.\u00a0 In other words, the emphasis is on understanding how the robber got in and what they stole after the damage was done.<\/p>\n

    But this approach means increased cost and complexity when companies need agility and flexibility to survive in today's economy.\u00a0I have a lot of respect for how far the IR community has taken IT and the cybersecurity industry, but far too many cybersecurity companies use the outstanding work of talented IR teams as a crutch. IR and remediation capabilities simply aren\u2019t enough, which is why the Palo Alto Networks platform covers both detection and prevention.<\/p>\n

    Our approach to threat prevention extends from our application intelligence and control technology. The intelligence emphasis we put into evasive applications<\/a> across all active network traffic has allowed us to create a highly effective threat prevention platform.<\/p>\n

    If you want payload analysis over all network traffic, applications and encryption, for example, just turn on that feature.\u00a0If you want to extend your existing threat prevention and application and user policies to mobile or virtualized cloud environments, use one platform to do it.\u00a0And the technology acquired through our recent acquisition of Cyvera<\/a> allows us to extend everything we do in active network traffic all the way to active memory in endpoints.<\/p>\n

    We are everywhere across your network traffic, endpoint memory and virtualized cloud.\u00a0Our platform:<\/p>\n