BlackBerry Japan
Presentation Title Not only IT but also OTs become another victim. "80% Increase in Ransomware Damage Crisis" has a common denominator.
AI Mathematical Models for Better Detection and Protection than Existing EPPs
Yuji Yamasaki
Director of Field Marketing, BlackBerry Japan
According to the National Police Agency, the damage caused by ransomware attacks in 2022 jumped by 86% over the previous year. VPNs were the attack vector in 68% of cases, and in over 78% of cases, the victim of the attack was unable to detect it, even when an Endpoint Protection Platform (EPP) was deployed. Even 61% of companies that were able to detect ransomware reported that detection did not lead to a reduction in damage because the problem was due to human factors.
Yuji Yamasaki of BlackBerry Japan suggests that the cause of damage lies in “operation problems” and “technical problems.” To address the operational problems, Yamasaki outlined a document prepared by the CSIRT of BlackBerry Security Services, titled, “The 13 Deadly Sins of APT Incident Response.”
Technical challenges include issues with existing EPPs, such as “malware evolution” (obfuscation), “detectable features,” and “network assumption” (not applicable to OT). To address these, Blackberry Japan is using Cylance AI, a product that applies mathematical model AI to security. This technology makes it possible to detect and defend against ransomware better than existing EPPs.
Some essential requirements for ensuring the security of OT terminals are “the ability to detect and quarantine known and unknown viruses”; “no significant difference in detection accuracy with or without an internet connection”; “the ability to run only specific software”; “the ability to control the connection of USB devices, etc.”; and “not imposing a burden on clients.”
These requirements are met by Cylance PROTECT, an EPP that features Cylance AI. Clients can choose between Cylance ON-PREM, which safeguards Cylance PROTECT even in completely closed environments, and Cylance HYBRID, which can be used with limited internet connectivity. Other available options include Cylance OPTICS, an EDR product, and Cylance GATEWAY, a zero-trust network access product that does not require a VPN.
Related Links
BlackBerry Limited
-
Deloitte Tohmatsu Group
Deloitte Tohmatsu’s Emphasis on “Business Compatibility”
The Importance of Cybersecurity Strategy - IBM Japan Attackers Target the Weakest Link, So Build an Optimal Security System Through “Selection” and “Concentration”
-
Trend Micro
“Know the Enemy”: The First Step in Protecting Your Organization
Understanding the Intention of Attacks for Effective Defense - NTT Security Holdings Organizational Strength of Research Teams Help Protect Japanese Companies from Targeted Attacks
- BlackBerry Japan AI Mathematical Models for Better Detection and Protection than Existing EPPs
- Secureworks A New XDR Method to Protect Organizations from Evolving Ransomware Threats
- Sateraito Office Offering Versatile Security Products and Know-How Cultivated from Working with Over 60,000 Companies
- ZenmuTech Two Technologies for Digital Transformation: “Secret Sharing” and “Secure Computation”
- ServiceNow Japan Visualizing IT Systems Using a Configuration Management Database: Asset Management is the First Step to Security
- Darktrace Japan Visualizing Vulnerabilities and Risks with AI to “Autonomously Prevent” Attacks