What Malware is Telling Us

Damballa's David Scholtz on Defending Against Advanced Threats
What Malware is Telling Us
The techniques employed by advanced threats aren't particularly sophisticated. It's the intellect and infrastructure behind them that create greater risks, says David Scholtz, CEO of Damballa.

It's not that conventional anti-malware defenses no longer work, Scholtz says. The problem is: Cybercriminals are more ingenious in how they work around layered security defenses.

Here's an example of a recent threat detected by Damballa, which specializes in advanced threat protection:

Cybercriminals targeted a specific company and noted that the organization's employees frequently ordered lunches online from a nearby restaurant. Instead of assaulting the target company's systems, the hackers infected the restaurant's online menu and caught customers as they ordered.

"The innovation that the bad guys are bringing to bear here in the infrastructure they deploy, the amount of capitalization they have ... is all geared around the evasion of the traditional layers of security," Scholtz says. "Each individual ingredient of a technique may not be sophisticated. It's how they sequence those techniques together that becomes sophisticated."

In an interview with Information Security Media Group at the Gartner Security & Risk Management Summit 2013, Scholtz discusses:

  • Techniques of advanced threats;
  • How organizations are fighting back;
  • Malware trends to watch.

Scholtz, CEO at Damballa, has 25 years of technology industry experience implementing leveraged go-to-market strategies. Over the past 10 years, he was a member of global leadership teams at McAfee, HP and Mercury. As senior vice president, global alliances, at McAfee, his organization was responsible for the alliances, joint go-to-market offerings, technology integrations and embedded/OEM sales with McAfee's strategic partners worldwide. Before joining McAfee, Scholtz was vice president, Worldwide Alliances and Channel Programs, at HP Software, which had acquired Mercury Interactive, where he was vice president, Americas alliances and channels. Prior to Mercury, Scholtz started his career at Accenture (then Andersen Consulting), later sold enterprise software and was a founder of two technology startups.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.