Virustotal

Reliance on VirusTotal should never be a substitute for a proactive approach to security

Companies should be taking cyber security matters into their own hands, rather than being concerned about new VirusTotal access restrictions

The decision by VirusTotal to restrict access to its service to certain companies underlines the need for businesses to proactively implement whitelist security solutions, rather than place too much faith in blacklist security.

VirusTotal, the largest collection of industry analysis of computer viruses, announced last week that it will end unlimited ratings access to companies that do not share their own evaluations of submitted samples. This has led many experts to conclude that businesses frozen out by these new restrictions may be more exposed to hackers as a result.

However, the more important point to be made here is that organisations should not be relying so heavily on a service such as VirusTotal in the first place. VirusTotal is a tool that has proven to be indispensable to many companies, and marks a triumph of collaboration between members of the cybersecurity community. But what has emerged from the decision to limit access is that many high-profile security firms rely entirely on VirusTotal’s database to keep ahead of the latest threats.

Using a database that only contains known threats is equivalent to walking a cyber security tightrope, and is not an approach that should be taken by companies whose reputation is founded on technological innovation and expertise.

Instead, businesses of all sizes should do more to take charge of their own cyber security destiny, by demonstrating proactivity through embracing whitelist security.

With threats increasing by the day, taking such a passive approach to security just won’t cut it any more. To make data safe from intrusions, companies should be focusing on proactive security, which protects organisations from the unknown threats as well as the known ones. One way to do this is by introducing app hardening software to shield critical applications themselves, rather than by simply establishing a perimeter.

VirusTotal will remain a crucial tool in maintaining cyber security awareness. But to rely on it as the sole resource for keeping data safe is insufficient. Reputations are at stake: to keep them intact, adopting whitelist security will enable organisations to remain one step ahead, rather than one step behind.