Detecting and correcting as important as protecting, Intel Security tells partners

'Huge leap' in ransomware and mobile malware in Q4 demonstrates that firms must look to threat detection and remediation, says Intel Security channel boss Stuart Taylor

Resellers should focus as much on detecting and correcting cyber-attacks as trying to block them, Intel Security's UK channel boss said as the vendor's latest threat report revealed a rebound in malware threats.

According to the Q4 McAfee Labs Threats report, following three quarters of decline, new malware samples spiked in Q4, with 42 million new malicious hashes discovered - the second-highest count ever recorded.

The growth was driven in part by new mobile malware samples, which hiked 72 per cent quarter over quarter to 2.3 million samples.

Ransomware also accelerated again in Q4, with new ransomware up 26 per cent quarter on quarter.

Stuart Taylor, UKI regional director of channel at Intel Security, said the "huge leaps" in ransomware and mobile malware demonstrate companies must be able to rapidly detect threats and correct their systems if they are to stay ahead of cyber-criminals.

"Organisations today understand that it's now a question of when, not if, they suffer a breach," he said.

"As a result, we are working closely with our channel partners to inform them about the shifting threat landscape and set them up to deliver solutions which not only protect assets but also focus on enabling rapid remediation."

The report also assessed the attitudes of 500 cybersecurity professionals towards cyber-threat intelligence sharing, which Intel Security EMEA CTO Raj Samani said is a "crucial" weapon against cyber-crime.

Just 42 per cent of those quizzed said they used shared cyber-threat intelligence, with corporate polices, industry regulations and a lack of information on how it would be used cited as the main barriers.

Despite this, 91 per cent voiced interest in industry-specific cyber-threat intelligence, which Intel Security said could benefit industries such as financial services and critical infrastructure the most, due to the highly specialised threats they face.

Some 72 per cent said they would be willing to share behaviour of malware.

"Cyber-threat intelligence sharing is a crucial strategy to ensure that enterprises across entire industries are able to learn from each other and set up proactive defences to safeguard both their corporations and the industry as a whole," Samani said.

"In many cases, advanced stealthy attacks can lie hidden on a network, undetected. With corporations proactively sharing details of threats and attacks, similar enterprises will also be able to more rapidly detect threats and correct their systems. Detection and correction of a cyber-attack is just as important as the initial protection stage when safeguarding company and customer data."