What Does True Prevention Look Like?

In this video, Cylance Chairman and CEO Stuart McClure, Chief Security and Trust Officer Malcolm Harkins, Rich Thompson, VP of Sales Engineering, and Worldwide VP of Sales Engineering Gabe Deale discuss what true prevention in the cybersecurity industry looks like.

What do you think of when we say the word “prevention?"

Prevention, to us, looks like a quiet environment. It means you’re not running around reacting to constant alerts and alarms. Alarm Fatigue is real and a security threat when repeated over time - an IT team weary of constantly clicking the ‘close’ dialog on hourly pop-up alerts may not react with the necessary speed and efficiency when an alert for a real attack comes through. You may not think that an antivirus that pops up nine alerts a day has any effect on your staff, but imagine you set off a fire alarm drill nine times a day at your office – and then the tenth alarm of the day was for a real fire. How many staff members would react to that tenth alarm as though it were a real emergency?

Prevention looks like your business is executing towards its mission. And doing so without having to hire extra staff or asking your security team to work overtime. Consider how many hours you and your team have spent in the past reacting to a security crisis, whether that be a piece of malware that somehow got through your layers of defense, or a full-blown ransomware attack on your company’s headquarters. Wouldn’t it be nice to know that you can go home at the weekend and spend it with family and friends, rather than spending it in the IT lab reimaging dozens or even hundreds of staff laptops?

Prevention looks like a strategy that allows us to stop attacks upfront. That sounds very simple, which is as it should be. Here’s a theoretical example of how our technology works transposed onto the real world. By leveraging the power of artificial intelligence and machine learning for, for example, an organization like the TSA, the machine learning model could look for certain characteristics and qualities about each unique individual, and some of these may fall in line with the millions of characteristics we know to be oriented with attacker type behavior. This entire scan could occur in just a handful of milliseconds, and the staff monitoring this software could actually address the issue before the person ever got anywhere near the terminal.

Prevention, when used judiciously, looks virtually identical to prediction. Yet prediction can be a confusing word for some, so here’s a simple explanation. To prevent you need to be able to predict, and to predict you first need to be able to learn. Cylance’s AI model works by training and learning, then uses its own acquired judgement by predicting with a new data set that comes in based on that learned set, and so on and so forth. In this way, it can actually prevent malware from executing before it ever starts and runs in memory. That is the cycle of prevention, and that's what you need to be able to truly predict and prevent.

Prevention is possible. The technologies that will allow us to achieve prevention today were not available 10 years ago. Let’s make the most of them today – learn more at: www.cylance.com/thinkbeyond.

For more information on Cylance’s Predictive Advantage, you can learn more here: https://threatvector.cylance.com/en_us/home/cylance-vs-future-threats-the-predictive-advantage.html