A few years ago, a proactive prevention-based security posture was more an aspiration than a reality. The endpoint security tools of the day relied on signature hash matching and heuristics to detect malware. Often, they required a suspect file to execute on, and subsequently infect, one of its subscriber’s endpoints before it could be judged malicious. Others required massive volumes of data to be sent to the cloud to be analyzed, introducing unacceptable delays in detection and response.
All these approaches were inherently reactive. The breakthrough came in 2012, when a group of security thought leaders and data scientists came together to launch Cylance®, introducing a brand-new approach to endpoint defense that leverages artificial intelligence (AI) and machine learning (ML). The endpoint security solution they built, now re-branded as BlackBerry® Protect, was uniquely capable of preventing the execution of never-before-seen malware at the endpoint without reliance on signatures or a cloud connection.
Today, this prevention-first security approach is both proven and practical. Yet, perhaps out of inertia, some organizations still cling to a reactive approach to cybersecurity that has long since passed its expiry date.