Take some time to learn the difference between Protection and Prevention in cybersecurity. Is Prevention better? Find out why in this video.
About Jeff Warren
Jeff Warren is a Principal Sales Engineer at Cylance. He has over 20 years of experience in the security field.
“I'm Jeff Warren. I work for (BlackBerry) Cylance and I'm an SE in the southeast. Our belief is that through mathematical science, we can do actual protection at the endpoint and tell the difference between good and bad files. That approach versus the traditional tried and true antivirus (AV) approach where we depend on signatures and having known things that are bad. We believe that this is the ability to detect files that have never been seen before.
The detection is dependent upon that sacrificial lamb model. In order to use detection as your first line of defense, somebody has to be attacked. Somebody has to feel some pain. In a prevention model, it's our belief that once again, we can stop things that have never been seen before, so we don't have to suffer that initial hit.
Our approach in traditional endpoint detect and response (EDR), the model is that we capture every event on the endpoint. Therefore we have some kind of trail or forensics repository that we can pore back through to find what exactly happened. So we have a path backwards.
In a prevention-first model, we're not necessarily dependent on having to grab every piece of data. We only grab those artifacts that are pertaining to the PROTECT event. It's a much more robust model. It's much more relevant data that we have collected, so it lowers the cost. It lowers the demand for having folks that can come up with algorithms to search through the data so that we can be much quicker to resolution and protection against the threats that we see.
The fact that there's this industry belief that everybody's going to get hit at some point or another. It's the when and not the if.
Absolutely. With the science we have today and the maturity from a generational perspective where machine learning's heading, it is absolutely preventable.”