• SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Call us today! 844-OCD-TECH

Find our Location
OCD TechOCD Tech
  • SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Outnumbered: The Importance of Vigilance in IT Security

November 21, 2016 Posted by Robbie Harriman Cybersecurity, IT Security

Cybercriminals are becoming increasingly clever and more creative every day. The measures that may be in place to protect businesses from these threats are vastly outnumbered.

According to a report by OPSWAT, the top 11 antivirus vendors control an estimated 84% of the market. This means 11 companies are tasked with protecting the majority of devices worldwide, a number projected to reach about 6.4 billion in 2016. These statistics do not even take into consideration the fact that standard antivirus protection is a reactive technology – meaning that it only responds when a threat or anomalous event occurs. It is not a proactive control. Standard virus protection mechanisms only have the ability to protect against currently known threats. CNN Money reported that 317 million new pieces of malware were released in 2015. That is nearly a million new pieces of malware per day, and that number is only bound to increase given the prevalence of the internet of things.

Antivirus companies do their best to stay up-to-date to help protect businesses from the latest threats. Software companies work tirelessly to patch vulnerabilities as they are discovered. Yet with nearly a million new threats emerging every day, end users are caught in the middle of a game of virtual cat and mouse.

Vigilance against this overwhelming number of threats means staying ahead of the curve and taking a proactive security stance. There are several solutions that can give you an advantage against the constantly growing negative forces, and continually evolving threatscape.

Heuristic antivirus protection can help keep you protected before threats are identified by standard antivirus solutions. This helps cover the gap between when a threat emerges, and when it is identified and neutralized by standard virus protection. Heuristic approaches monitor behavior, rather than depending on a database of virus definitions based on known threats. However, even with heuristics in place, it is crucial that antivirus signature databases be up to date. Automatic updates should be enabled and signature versions checked regularly.

blue lock

It is important to remember that hardware and software security tools alone cannot protect IT assets from the diverse range of techniques employed by attackers today.  Fortunately and unfortunately, a firewall or endpoint protection suite is only as strong as its configuration. So who oversees this technology? This question presents another staggering statistic. If a quick mental inventory of your organization’s IT Security staff is taken, in comparison to the number of potentially vulnerable elements in your organization, and the number of actors that will seek to exploit these vulnerabilities, it becomes clear how disproportionate the numbers are.

The human element is another aspect that requires constant vigilance. Staff should be not only well-trained, but also well-tested. A phishing campaign can often uncover vulnerabilities within an organization before they are discovered by an outside threat actor. Another proactive approach to remedying the human element is user behavior analytics. This type of solution will examine events in your IT environment and organize and present the data in a way that can expose risky employee behavior. This is a great alternative to the barrage of event logs and change reports that a lot of IT professionals can become accustomed to ignoring.

As IT Security evolves, so do the strategies used to circumvent and undermine it. While this may seem to be a losing battle, there are steps that can be taken to protect your environment, and vigilance is key. Having the proper policies, well-communicated procedures, and strong controls in place can ensure that your business is protected. OCD Tech can assist by performing an assessment of your business’s IT security strengths and weaknesses and by making recommendations which can help to strengthen your security posture.

Share
0
Avatar photo

About Robbie Harriman

Robbie is the Senior IT Audit Manager at OCD Tech.  Robbie joined the firm in May of 2016. Prior to working at O’Connor & Drew, P.C., Robbie worked in IT for other companies, including the heavily regulated casino industry.  He currently travels locally and internationally working on some of OCD’s largest financial services companies.  He has a diverse range of experience in the IT field, with a deep background in IT systems administration and control areas.

You also might be interested in

Vulnerability Scanners: Tell Me Your Dirty Little Secret

Vulnerability Scanners: Tell Me Your Dirty Little Secret

Sep 8, 2020

Have you set up a Nessus scanner and wondered why in the credentialed scan settings menu, the password form field has ‘unsafe!’ next to it?

Ransomware: What You May Not Know Could Hurt You

Mar 9, 2017

Ransomware is one of the most common and devastating infections[...]

OCDTECH.COMMONONLINESCAMS

Most Common Online Scams

Nov 15, 2023

🌐The online world is teeming with opportunities, but it’s also[...]

Find us on

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Send Message
OCD Tech logo Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

  • OCD Tech
  • 25 BHOP, Suite 407, Braintree MA, 02184
  • 844-623-8324
  • https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®

IT Advisory Services
– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review

IT Government Compliance Services
– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

  • Financial Services
  • Government
  • Enterprise
  • Auto Dealerships

© 2025 — OCD Tech: IT Audit - Cybersecurity - IT Assurance

  • OCD Tech
  • About Us
  • Contact Us
Prev Next