According to former IBM Chairman, President and CEO Ginni Rometty, “Cybercrime is the greatest threat to every company in the world.” Hackers are executing cyberattacks every 39 seconds and data breaches cost companies an average of $3.9 million. So, it’s not hard to understand why Rometty makes this claim. From phishing scams to ransomware to advanced malware threats, cyberattacks are a real risk for businesses of all sizes.
Having in place firewalls, anti-virus and anti-malware protection is a good place to start. But cybercriminals are continually getting more sophisticated. Those traditional measures are no longer enough to protect business devices and networks.
In today’s environment, businesses need to take a layered approach to cybersecurity. That means various security solutions working at various levels of an IT infrastructure. And that includes Advanced Threat Prevention (ATP) and Advanced Threat Detection (ATD) solutions.
Protecting Against Advanced Malware Threats
The purpose of both ATP and ATD are to protect against advanced malware threats, also known as advanced persistent threats (APT).
Advanced malware threats involve a long-term process that a hacker begins by gaining access to an operating system or network. This occurs with the cybercriminal first finding a foothold – basically, a way into the system – often through spear-phishing or uploading malicious code to the network. The code may sit undetected on the system for as long as the hacker would like. When the time is right, the hacker then attacks the network. These attacks may include extraction of sensitive data, theft or destruction of the network infrastructure.
Unfortunately, because of the stealth and persistence involved, traditional anti-malware solutions often don’t detect advanced malware threats. That’s where Advanced Threat Prevention and Advanced Threat Detection come in.
Advanced Threat Prevention (ATP)
The purpose of Advanced Threat Prevention – sometimes called Advanced Threat Protection – is to identify advanced malware threats before they enter a system.
ATP solutions can differ in approaches and components. Most include some combination of:
- Endpoint agents
- Network devices
- Email gateways
- Malware protection systems
- A centralized management console to correlate alerts and manage defenses
Advanced Threat Detection (ATD)
The purpose of ATD is to detect malicious software that has bypassed other cybersecurity measures – such as firewalls and anti-virus software – and infiltrated the system.
In order to discover these attacks, ATD solutions often include:
- Behavioral analysis
- Automated monitoring
- Other detection mechanisms
For our Atlas managed services clients, we use a product called Huntress for ATD.
Why Businesses Need ATP and ATD
Simply put, ATP and ATD make it more difficult for cybercriminals to gain access to and penetrate a business’ IT network. Cybercrime continues to rise, and cybercriminals and advanced malware threats continue to get more sophisticated. That means that businesses must also get more sophisticated with how they protect themselves.
If your business is not currently protected with ATP and ATD, contact your Managed Service Provider (MSP). They will be able to give you guidance on how to integrate these additional layers of protection with your existing cybersecurity solutions.