As I’ve been meeting with customers and prospects lately, one question keeps coming up: “Why do I need to protect my storage and applications?”
I wanted to share my perspective, shaped by past experience, and explain why I deployed Deep Instinct.
The short answer: Assume everything is malicious.
Don’t rely on a single layer of defense. Why? At the endpoint, the attacker is already one step from winning. You want to prevent the threat as far away from your critical business services, infrastructure, and data as possible. Cyber technologies are not bullet proof, especially against shifting threats, and supply chain risk is real. (I include any third party in the supply chain, including customers of your business). We tend to trust that our partners and vendors are doing the right thing. And while they may have compliance programs in place, time and again, we’ve seen real world breaches of 'compliant' third parties.
An example of this exact situation was recently reported by Help Net Security when an unnamed MSP was compromised by an attacker who then used their access to client environments to upload the DragonForce ransomware. This breakdown in security is significant because the ransomware came from a ‘trusted’ source that had legitimate access, who could push files (various updates) into client environments
While supply-chain attacks like this have the potential to degrade the trust in an entire industry and create a chokepoint for management, the danger isn’t limited to MSPs. There are many such examples from M&A, zero-trust (between zones), customer-facing documents, and file transfer systems—the list is endless. This incident demonstrates why organizations need to scan everything, including updates from trusted partners.
Data Security X (DSX) for Applications provides an elegant solution to this problem—and it is what I deployed at scale to neutralize this threat vector while at Citi. Using advanced deep learning AI, DSX-A can be deployed by either the customer, or the MSP in this case, to scan and verify the updates being pushed to client environments. Because DSX-A doesn’t rely on rigid machine learning capabilities, known signatures, or human-biased heuristics, it’s able to prevent novel attacks as well as known attacks. Industry-best scan speed also ensures that managed updates don’t become a bottleneck or organizational headache. All of this is done with data privacy in mind, ensuring we neither see nor use your data for any purpose.
This deployment provides a significant reduction in risk, adding an advanced layer of preemptive data security before the attacker achieves their objective, which is usually access to your devices and data. Criminals are getting bolder and better every day at bypassing traditional security measures and technologies that the industry has long relied upon. New solutions that can match the flexibility of cybercriminals are an operational imperative in the era of AI-driven threats.
Deep Instinct is uniquely capable of providing this new form of preemptive data security. By implementing comprehensive scanning across all data and updates—regardless of source—organizations can better protect themselves against evolving threats. Get your free scan to see it in action.
