Modern, *proactive* security suites: What are the “must have” components?

I know this will come as a shock to all security experts, but our systems and networks are constantly under attack by an ever-expanding list of malware that threatens just about everything we do online — from working and shopping to communicating and governing. It’s true that hackers never sleep, which means that every corner presents a potential danger each time we go online. If we aren’t adequately prepared to protect the systems we rely on and get ahead of more harmful, targeted attacks, we will continue to fall victim to evolving cyber crimes that are out to exploit our systems to steal sensitive and proprietary information for personal gain, corporate espionage or international deception. We need to move to a modern, proactive security suite.
According to the article, “Time for America to Get Cyber-Serious,” today’s cyber crimes go beyond draining personal bank accounts, but pose a threat to the freedoms, prosperity and security of all Americans. While the Department of Defense sees cyber attacks as a growing threat to the 3.5 million commercial computer systems they depend on to conduct military operations and protect our national security, online threats are a growing problem that’s not just limited to the public sector. Like the DoD, organizations everywhere are susceptible to malware attacks that target specific systems.
With government and private information networks increasingly under attack, a trend recognized in 2001 by the Government Accountability Office continues to hold up a decade later; the biggest difference is today’s online threats are more severe and potentially more dangerous than ever before.

Daily, DOD identifies and records thousands of “cyber events,” some of which are determined to be attacks against systems and networks. These attacks may be perpetrated by individuals inside or outside the organization, including hackers, foreign-sponsored entities, employees, former employees, and contractors or other service providers.

As the bad guys continue to come up with new ways to compromise our systems and network security, one of the ways we can get ahead of these evolving threats is to implement proactive solutions that stop the onslaught of new viruses and malware variants. Application whitelisting is one such solution that stops unapproved applications (like malware payloads) or memory attacks from running on a system, without requiring any advanced information about malicious threats.
You would expect an application whitelisting supplier to suggest the technology as a part of the new proactive defense arsenal– but what are the other ones? I would love to hear your opinions on the subject. What are the “must have” components that make up a modern, proactive security suite?
So, is it time to get “cyber-serious”? You bet it is. With new threats on the horizon, both the public and private sectors need to shed their dependencies on reactive solutions that cannot stop modern attacks. If we expect to stop the threats of tomorrow, we need to become proactive and make network endpoint security a priority today.

by JT Keating