You don’t need to be a security expert to know that malware is a problem. Anyone with an internet connection or a TV can see that security threats and breaches are constantly in the news.

But security analysts know that organizations need to worry about more than just sophisticated attacks; simple (yet extremely effective) malware campaigns, such as ransomware, are leading to complex security issues like never before. With nearly 500 million unique samples of malware appearing every year, trying to individually detect every single variant is not an effective defense strategy.

Zero-Day Exploits: A Serious, Rare Threat

Security professionals spend a good deal of time worrying about zero-day exploits — brand new attacks that no one has ever seen before. While it only takes one zero-day to really ruin your day, the rate of malware infection via unknown threats is relatively low.

In fact, Gartner estimated that 90 percent of exploits occur on vulnerabilities for which a patch has been available. Verizon’s “2016 Data Breach Investigations Report” noted that newly exploited CVEs are “mostly and consistently older than one year.”

With such a high success rate, attackers are much more likely to focus their efforts on publicly available exploit information since it is more cost-effective and less time consuming than discovering a new zero-day exploit.


Going Through a Rough Patch

So how do you prevent malware infections? The easy answer is to simply apply the available patch, right?

Well, anyone who has ever implemented a vulnerability management program knows that real life is not that simple. Patch rates of 100 percent are exceedingly rare for a number of reasons. For instance, critical systems that can’t be brought down for maintenance on a moment’s notice can delay patching. With bring-your-own-device (BYOD) programs, it is often hard to even identify which devices need to be patched in the first place.

Of course, this presumes a patch is even available. Of the more than 9,000 vulnerabilities disclosed in 2015 and tracked by IBM X-Force, more than 22 percent did not have a patch available. For this reason, it’s imperative to deploy compensating controls to protect unpatched systems — which is a key part of an effective vulnerability management program.

IPS: A Simple Solution to Complex Security Issues

One such compensating control is a vulnerability-aware intrusion prevention system (IPS). While IPS is a mature technology that has been in the market for nearly 20 years, it has stood the test of time for one simple reason: When properly deployed, it can be an extremely effective countermeasure against even the most sophisticated attacks.

Moreover, a next-generation IPS protects not only against known threats but also against unknown ones. IBM’s Protocol Analysis Model (PAM), for example, is unique in that it protects against entire classes of vulnerabilities and not just specific, known exploits.
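To make the distinction concrete, here is a small added example (not IBM’s PAM code, nor anything from this post) that contrasts exploit-specific signature matching with a vulnerability-aware protocol check on a made-up request format. The request layout, the 64-byte field limit, the signature pattern and the sample requests are all constructed for illustration.

```python
import re
import struct

# Constructed toy protocol: a 4-byte big-endian length prefix followed by a
# username field. The (hypothetical) server is assumed to hold the username
# in a fixed 64-byte buffer, so anything longer is the vulnerability class.
USERNAME_MAX = 64

# Exploit-specific signature: the exact filler one known bad sample used.
# A signature engine matches only this byte pattern (constructed value).
KNOWN_SAMPLE_SIGNATURE = re.compile(rb"A{84}")


def signature_detect(payload: bytes) -> bool:
    """Match only the one known bad byte pattern."""
    return KNOWN_SAMPLE_SIGNATURE.search(payload) is not None


def protocol_detect(payload: bytes) -> bool:
    """Flag any request whose username field violates the protocol's
    limits, regardless of which bytes fill it (vulnerability-aware check)."""
    if len(payload) < 4:
        return True  # truncated header is malformed
    declared = struct.unpack(">I", payload[:4])[0]
    field = payload[4:]
    if declared != len(field):
        return True  # length prefix disagrees with actual field size
    return declared > USERNAME_MAX


def build_request(username: bytes) -> bytes:
    """Encode a username in the toy wire format."""
    return struct.pack(">I", len(username)) + username


# Constructed samples: one benign login, the known bad sample, and a variant
# that only changes the filler bytes.
SAMPLES = {
    "benign": build_request(b"alice"),
    "known_sample": build_request(b"A" * 84 + b"\x90" * 8),
    "variant": build_request(b"B" * 92),
}


def classify(payload: bytes) -> dict:
    """Return what each detection approach says about a request."""
    return {"signature": signature_detect(payload),
            "protocol": protocol_detect(payload)}
```

The variant slips past the signature because its bytes differ, yet the protocol check still catches it, which is the point of covering a vulnerability class rather than each of the hundreds of millions of yearly samples.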

To learn more about preventing simple threats to solve complex security issues, watch the on-demand IBM webinar, “Back to Basics: How Decades-Old Technology Can Fight Today’s Most Advanced Cyberthreats,” featuring Gartner research director Craig Lawson.
