CHANNELS

Subscribe to the InfoTech eNewsletter

infoTECH Feature

November 29, 2016

Software Solutions: Are They Really What They Say They Are?

By Special Guest
Leena Boor, Business Analyst

After World War I, France erected the Maginot line of fortifications on its border with Germany to defend against any incursions by a new German army. Although the Maginot line served its purpose of defending against traditional attacks, it failed to protect against the new style of Blitzkrieg attacks and it wholly ignored the prospect of an invasion through the Ardennes forest, which the French had perceived as a natural defense against attacks. Software solutions against hacking attacks suffer the same weaknesses as the Maginot line: they protect against known and traditional styles of cyberattacks, but they do not anticipate new styles of attacks or new software tools that hackers use to perpetrate cybercrimes. To the extent that a software solution is not what its developers say it is, cyber insurance provides a remedy for the financial losses that occur when a software solution does not prevent an attack.

Computer security experts are increasingly of the opinion that antivirus software solutions will miss the bigger and newer network threats. The hacking community is intelligent and organized enough to test its tools and techniques against virtually every anti-hacking software solution. They quickly discard malware and other viruses that are caught in software solution snares and move on to more effective hacking tools that those solutions will not detect. The broader adoption of open-source software has further expanded these risks by giving hackers multiple entry points that are left wholly unprotected by commercial antivirus software solutions.

Regardless of training, employees continue to click on links from unknown sources and to divulge information to callers who pose as internal company personnel. Organizations will continue to rely on anti-hacking software to provide a first level of network defense against these problems and to comply with industry and regulatory standards. Cybercrime sophistication is now pushing those organizations to adopt alternate strategies, and to protect themselves against financial losses with cyber insurance when software solutions and other strategies fail to prevent a data breach.

Analyzing data for evidence of attacks is one of the more effective alternative strategies that organizations are now using. Repeated queries from the same IP address, for example, might be a signal that a hacker is probing an organization’s defenses. Organizations are also assessing the value of their internal data to different types of hacking interests, and are erecting specific defenses to protect against hacks from the most likely sources. Industry associations are stepping up to share information on attacks that are specific to a particular industry.

When software solutions and alternative strategies fail, the effects on an organization can be ruinous. In 2009, a small construction company in Maine, for example, lost almost $600,000 in less than seven days when cyber thieves used a virus to steal banking credentials that the company used for payroll processing. The thieves transferred money out of the company’s account before it realized that it had been hacked. The company sued its bank to recover the loss, but it lost the case. If it had maintained cyber insurance, that insurance would have covered much or all of its losses.

Cyber insurance policies are available to protect corporations against direct losses like the theft that the Maine company experienced, as well as liabilities to third parties whose information is compromised when a software solution fails to stop a cyberattack. Loss of that third-party information can impose millions of dollars of direct and indirect costs upon a company. Any company that stores and maintains customer information, particularly financial information that can be connected with personal data, needs its own cyber insurance policies.

About the Author

Leena Boor is a professional writer and business analyst. She specializes in small business branding and marketing tips and is also involved in the launching of startup companies. She creates well-researched and unique content designed to keep readers engaged. She also likes to use social media and read travel books.

           




Edited by Alicia Young
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter