Malware Response Teams Fear 2012 Threats Will Grow In Number and Sophistication Faster Than They Can Upgrade Analysis Capabilities
IT teams report they lack the technology and analyst resources to keep up, majority will augment internally-developed products with an automated commercial solution
Oslo, Norway – 14 March, 2012 – More than half of IT leaders (62 percent) fear that malware is growing more sophisticated faster than they can upgrade their analysis capabilities. Additionally, 58 percent cited the growing number of threats as their biggest worry for 2012.
These findings are part of a major survey of malware analysis trends completed by an independent research firm for Norman ASA, a global leader in content security and malware analysis solutions.
It is widely recognized that the volume and sophistication of threats continues to grow dramatically, yet many organizations are only incrementally adding resources to better understand these threats,” said Audun Lodemel, vice president, Marketing. “Analysis is a critical component of a comprehensive defense-in-depth strategy. Failure to maintain an updated understanding of these threats will leave networks increasingly vulnerable.”
Nearly two-thirds (65 percent) predict the sheer number of malware threats will grow by more than 25 percent this year. However, these IT leaders also report their organizations are not making the investments required to keep up. Just 17 percent state that today they are catching all the malware targeted at their company. Even more alarming, just under half (45 percent) predict their malware budgets will go up in 2012 and only one-third (33 percent) state they will add analysts to their response teams this year.
Organizations that do plan to beef up their security capabilities will have a difficult time this year. Just under half believe it will be harder this year than in the past to find malware analysts and a similar number state they will have less time to train analysts this year than in the past.
As a result of these difficulties, 52 percent plan to augment their internally-developed solution with a commercial solution in 2012. Nearly three-quarters (71 percent) will make this move in part because in-house solutions require significant management attention and maintenance.
Analysts Turn to Commercial Anti-Malware Solutions to Support In-house Solutions and Cite Cost Effectiveness
More than half of survey respondents (54 percent) use both internally-developed and commercially-available anti-malware analysis solutions. IT leaders who use commercial solutions outnumber those who have internally-developed solutions by more than 4-to-1 (37 percent versus 9 percent).
Forty percent of IT leaders who purchased a commercially-available malware analysis solution acquired it to support their internally-developed capabilities, while more than one-third (35 percent) listed cost effectiveness as the reason for purchase and another 35 percent turned to a commercial solution to address the number of files their team must analyze.
“IT leaders are falling behind and are turning increasingly to automated commercial solutions to close the gap,” Lodemel said. “Fewer than half of surveyed companies will have bigger malware analysis budgets this year, and even among many of those, their teams will have limited time to train the new personnel.
“Because it will be difficult for analysis teams to handle the sheer volume of threats, the automated solutions IT teams purchase must feature scalability. The ability to simply add effective new appliances to a network as the number of threats increase will significantly help teams keep up with the growing threat of cyberattacks.”
Norman delivers powerful automated malware analysis solutions for enterprise, service providers and government, and recently launched the latest version of its Malware Analyzer G2 platform. This next generation malware analyzer delivers:
This is the industry’s only solution to use Hybrid SandBoxing technology. This delivers the benefits of emulated Norman SandBox analysis while also offering IntelliVM capability which embeds KernelScout (R) technology for discovery of deeply-hidden suspicious software behavior. For more information on Norman’s Malware Analyzer product line, please go to www.malwareanalyzer.com. For more information on all Norman security solutions, please go to www.norman.com.