Many orgs leverage an IDS (e.g., Snort) for detection, though many should really deploy an IPS (e.g., FireEye) for prevention purposes. Especially when it comes to anti-malware purposes.
However, many orgs are now looking to use advanced threat prevention (ATP) solutions on Web / cloud, mobile, or SaaS email endpoints.
Low and behold, it makes sense to take a risk-based approach to negating malware / ransomware. For many orgs, it makes sense to focus on protection sensitive, core competency data that usually resides in a EHR / EMR, ERP, ecommerce standpoint. For those orgs that host these systems, it may make sense to deploy an inline IPS.
No comments:
Post a Comment