Meanwhile, Cameron Camp, a security researcher with AV vendor ESET, says that antivirus might not meet every IT security need, but it is one more component in a defense-in-depth strategy.
"Endpoint security is not a silver bullet, but that does not mean that you shouldn't put a lock on your front door," he said. "You really have to get inside the mind of this kind of attacker and understand what it is that they are after. Look for uncharacteristic exfiltration -- especially exfiltration that peaks during non-business hours that are probably business hours in the country to which the data is going."
Camp points to IDS and IPS devices as an important component in defense in depth. "Most people don't need super-fast deep packet inspection. But, even less expensive IDS and IPS devices provide a level of security, just like endpoint products provide a level of security. By having these sprinkled throughout your environment, you stand a vastly superior chance of detecting problems and collecting evidence. You want to demonstrate that you've done due diligence, and that goes very far with investors."
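The off-hours exfiltration check Camp describes can be sketched over flow logs. This is an added example, not code from the article or from ESET. It assumes flow records already enriched with a destination UTC offset, fixed offsets with no daylight-saving handling, and hypothetical host names, thresholds and business hours.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LOCAL_UTC_OFFSET = -5          # assumption: monitored site's fixed UTC offset
BUSINESS_HOURS = range(9, 18)  # assumption: Mon-Fri, 09:00-17:59

# Constructed sample: UTC time, internal host, destination UTC offset
# (assumed to come from GeoIP enrichment), bytes sent outbound.
FLOWS = """\
2024-03-04T15:10:00Z ws-014 -5 48000000
2024-03-04T19:30:00Z ws-014 -5 52000000
2024-03-04T16:00:00Z db-02 8 20000000
2024-03-05T02:15:00Z db-02 8 300000000
2024-03-05T03:40:00Z db-02 8 450000000
2024-03-05T06:00:00Z bk-01 -5 900000000
2024-03-05T08:30:00Z ws-022 1 5000000
"""

def is_business(ts_utc, utc_offset):
    """True if ts_utc falls in weekday business hours at the given offset."""
    local = ts_utc + timedelta(hours=utc_offset)
    return local.weekday() < 5 and local.hour in BUSINESS_HOURS

def parse(text):
    for line in text.strip().splitlines():
        ts, host, dst_off, nbytes = line.split()
        yield (datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), host,
               int(dst_off), int(nbytes))

def off_hours_exfil(flows, min_bytes=100_000_000, min_share=0.8):
    """Flag (host, destination offset) pairs whose outbound volume is
    concentrated in local off-hours that are business hours at the far end."""
    total, suspect = defaultdict(int), defaultdict(int)
    for when, host, dst_off, nbytes in flows:
        total[host, dst_off] += nbytes
        if (not is_business(when, LOCAL_UTC_OFFSET)
                and is_business(when, dst_off)):
            suspect[host, dst_off] += nbytes
    return sorted(
        (host, off, sus, round(sus / total[host, off], 2))
        for (host, off), sus in suspect.items()
        if sus >= min_bytes and sus / total[host, off] >= min_share
    )

if __name__ == "__main__":
    for host, off, sus, share in off_hours_exfil(parse(FLOWS)):
        print(f"{host}: {sus} bytes to UTC{off:+d}, {share:.0%} in window")
```

In the sample, the large overnight transfer from `bk-01` to a same-timezone destination is not flagged, because it is off-hours at both ends; only `db-02` matches the pattern.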