The Websense 2013 Threat Report reveals a disturbing trend: the web became significantly more malicious in 2012, both as an attack vector and as the primary support element of other attack trajectories (e.g., social, mobile, email). Websense recorded a nearly six-fold increase in malicious sites overall, 85 percent of which were found on legitimate web hosts that had been compromised. More alarming were security executives reporting most threats were bypassing their traditional controls,
Most current web security and they feel unprepared to meet emerging threats such as spear-phishing. This growth in threats and malicious web content has created a growing market for threat analysis, and stands in stark contrast to the decreasing effectiveness of most web security solutions deployed today.
Industry analysts estimate traditional security defense technologies only protect against 30–50 percent of today’s threats, making them increasingly ineffective. Signature generation and traditional defenses simply can’t keep up with the growth of new threats and advanced attacks.
To take appropriate countermeasures, IT departments need the ability to see advanced threats and attacks that are invisible to their current defenses. Network and threat monitoring solutions can provide such a solution — as long as they meet three key requirements:
- Advanced threat detection
- Data theft or data loss detection
- Forensic and behavioural analysis.