Connect with us

CyberSecurity

When ‘Good Enough’ security just isn’t enough 

You assume your security architecture is secure, that’s not always the case, writes Hezi Chen, head of Competitive Intelligence

Published

on

HP Wolf Security, hybrid workplace edition 2021

Organizations that provide security understand their products must be secure. Unfortunately, this is not always the case.

A security vulnerability can get baked into an application, and if it does occur, your security partner should act swiftly to resolve the issue. The quick distribution of a patch or effective alternatives are expected.

In 2019, previously unknown vulnerabilities within asecurity vendor’s system were exploited by a state-backed hacking group.

It took a long time for these vulnerabilities to be patched, and two years later, there are still customers running vulnerable systems, leaving their organizations open to cyberattacks.

Choose your vendors with the right track record

As highlighted in this incident, your security vendor must have your back. They should be ready to take every action necessary to efficiently provide quality security.

Working with a mature, well-known security firm can mean the difference between staying consistently secure with proactive and rapid responses versus suffering from compromised systems.

In yet another example, a massive zero-day security hole was discovered with a major security vendor’s appliances. This exploit was active and used against customers for close to a year.

Unfortunately, this is not an isolated incident. Hackers target major security vendors to inflict widespread damage. Here are a few examples of recent security-breaches:

When it comes to high severity vulnerabilities, thesecurity vendor you do business with can become a make or break situation to protect your organization. The following charts identity that not all security-vendors respond effectively to critical and high severity vulnerabilities.

ALSO READ  NCC alerts telecom consumers of new Malware AbstractEmu targeting Android devices

Critical and High Severity Vulnerabilities

In Critical & High Severity, Check Point Software fixes major vulnerabilities 17X – 28X faster than the competition with 6X – 17X less vulnerabilities on its own security solutions.

When Good enough is not enough in security

Overall Security

Generally, security vendors should develop secure products overall and show seriousness in both amount of security vulnerabilities they have in addition to the time it takes to patch, regardless of severity.

Overall, Check Point Software fixes vulnerabilities 5X – 7X faster than the competition and has 5X – 7X less vulnerabilities with its own security-solutions.

When Good enough is not enough in security

Check Point provides the Infinity architecture that encompasses more than 60 security services and provides services for more than 50 types of assets. Experts can respond to requests in real-time or in under 24 hours.

Be ready to protect against sophisticated attacks

History tells us that almost every new innovative service loses ground to a “good enough” competitor. As we’ve seen an increase in attacks like Wannacry and NotPetya and more breaches in organizations such as HBO, Equifax and Uber, there’s a pattern.

Organizations invested a lot in “good enough” security-products, yet they lost the cyber battle. While “good enough” or “2nd best” may be fitting for smartphones or TV’s, it becomes dangerous when this mantra creeps into the cyber security industry.

I believe the single greatest cyber threat to organizations today is the “good enough” proposition pushed by some key players within the cybersecurity industry. In order to overcome this mindset, customer organizations need to ask these hard questions when evaluating their cyber security strategy:

  • Can I afford the risk with “good enough” security?
  • What are the risks specific to my organization?
  • Am doing everything possible to secure my organization and customers, or have I settle for ‘good enough’
  • What exactly am I getting with my security investments?
ALSO READ  Sophos Cloud Optix adds Advancements that automate, simplify detection and response of AWS security incidents

Check Point: Best-in-class security

From its founding nearly three decades ago, Check Point Software has committed to delivering best-in-classsecurity. This accomplishment embodies what Check Point believes in and has proven with customers and partners and within the security industry.

Check Point Software technology includes independent evaluations from Gartner, Forrester, CyberRatings (NSS Labs), MITRE, and more. Your investment in Check Point Software, includes these four points;

1) Real Security – The most important thing in security solution is protection.Security is and has always been Check Point Software’s primary focus in its products and services.

2) Consistent – Check Point Software doesn’t play the “gear up” game to do well with one test then fall off on the next. Each and every day, we build products and support customers and partners with a commitment to provide only the best.

3) Reliable – From firewalls to IPS to NGFW to Advanced Threat Prevention, to Threat Intelligence, machine learning and AI to management, our customers count on Check Point Software for consistent leadership and innovation.

4) Excellence – Check Point Software strives to be the best in every product built, every test joined, every service provided.

Advertisement
Click to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Advertisement
Advertisement
Advertisement

Facebook