It is impossible to build a malware detector that can keep up with advanced polymorphic malware—either at the network perimeter, or at the endpoint. This is a simple restatement of the Halting Problem, proven in 1936 by Alan Turing (who is considered to be the father of the field of computer science)—there can be no general procedure to decide if a self-contained computer program will eventually halt.
Moreover, detection is vastly different from protection. Putting a lid on the pot will not contain the steam, and might well lead to an explosion. Many enterprise compromises that are discovered are found weeks or months after the attack—giving attackers plenty of time to further penetrate the infrastructure and steal data.
We need a phase shift in our approach to the problem of endpoint security. Every device must be able to protect itself "in the wild"—away from the traditional enterprise network perimeter. Users are increasingly mobile, accessing applications from untrusted networks and over the Web, and will make mistakes and click on the wrong things. And a broader trend, toward consumerization of the endpoint, means that user-owned devices will increasingly be used for work.
The phase shift that is needed will deliver endpoints that are secure by design. This will result from hardware-enforced isolation, rather than from software-based detection. Hardware-protected devices can use attestation to ensure that an endpoint initializes to a known-good state.
In addition, new approaches, such as Bromium micro-virtualization, allow hardware to protect applications, the operating system and data at runtime, to extract and analyze malware for incident response, and to make endpoints self-remediating.
The enterprise security landscape is changing profoundly. CISOs must take bold steps forward to adopt new practices to dramatically reduce enterprise insecurity: new OS versions, automated OS and application patching, encryption, and hardware-based protection are vital in a consumer-oriented world where devices access cloud-based applications directly, and where the attacker has access to massive computing power.
—By Gaurav Banga, co-founder and CEO of Bromium.
Bromium, a CNBC Disruptor 50 company, has created an approach to enterprise security called micro-virtualization, a replacement for detection-based systems commonly used to protect against malware.