OPSWAT Research Highlights Significant Challenges with Malware Analysis, Leaving Organizations Unable to Respond to Emerging Threats

Organizations Struggle with Staffing and are Limited by Existing Tools;
OPSWAT Launches Solution to Orchestrate and Automate Malware Analysis

Tampa, FL | March 1, 2022 - OPSWAT, the global leader in Critical Infrastructure Protection, today announced the results of its State of Malware Analysis 2022 report, which reveals that nearly every organization struggles with malware analysis. Specifically, 94% of organizations are challenged to find, train, and retain malware analysis staff. Furthermore, 93% of organizations are challenged by malware analysis tools that lack automation, integration, and accuracy. Consequently, over 20% of organizations reported they were unable to investigate and resolve a majority of their malicious files or alerts. The report also found that 99% of organizations would benefit from additional capabilities for malware analysis, giving a proof point to the company’s launch of its MetaDefender Malware Analyzer and OPSWAT Sandbox, solutions to help organizations navigate these human and technical challenges.

“Malware analysis is a critical capability for management teams that want to move beyond check-the-box compliance programs and toward proactive threat management and incident response programs,” said Benny Czarny, Founder and CEO at OPSWAT. “To stay ahead of sophisticated adversaries who are targeting critical infrastructure, organizations are undergoing a transformation to stay ahead of these attackers. By adding malware analysis capabilities such as OPSWAT’s MetaDefender Malware Analyzer and OPSWAT Sandbox solutions, critical infrastructure customers can analyze malware that attacks their networks, such as PLC, SCADA and HMI environments to gain better insights and sophisticated reports on threat intelligence to be better prepared for future incidents.”

Evidence from the report suggests that malware analysis is maturing as a business capability since nearly half of the organizations have a dedicated malware analysis function and more than half report intermediate capabilities, which would include sandbox tools for threat detection. However, nearly every organization struggles with the human element of malware analysis and the technical limitations of their existing solutions.

Key Findings from OPSWAT’s State of Malware Analysis 2022 report include:

  • Organizations Are Challenged to Find, Train, and Retain Malware Analysis Staff – The top challenge related to recruiting new staff is that there are not enough candidates with the right skills. As a result, the overwhelming majority of organizations rely on training their employees to acquire talent for malware analysis, even as half complain that it is difficult to find effective training programs. Furthermore, these organizations acknowledge their malware analysis function is understaffed – more than half reported staff burnout in the past 12 months, and more than half reported that their existing staff was being aggressively recruited.
  • Malware Analysis Tools Lack Automation, Integration, and Accuracy – The greatest challenges with malware analysis tools are a lack of automation and tools that are not integrated. Without these capabilities, malware analysis can become a time-consuming and error-prone manual process across multiple disparate tools and disconnected workflows. In fact, the most important factor when evaluating malware analysis tools is accuracy – less than one-quarter of organizations are very confident in their ability to identify, investigate, and resolve malware threats.

“The challenges that organizations face with malware analysis are incredibly overwhelming,” said Czarny. “It is easy to see how inexperienced staff, tedious manual processes, and too many malware analysis technical tools contribute to a malware analysis function that can’t even complete half of its workload, leaving organizations vulnerable to attacks.”

Download the Report

OPSWAT Launches MetaDefender Malware Analyzer with new OPSWAT Sandbox

OPSWAT’s MetaDefender Malware Analyzer is a solution for organizations that are challenged with staffing, limited by technology, or otherwise struggling with malware analysis. MetaDefender Malware Analyzer is a smarter malware analysis solution that simplifies the security orchestration and automation of malware analysis, enabling both IT and OT organizations to accelerate analysis, reduce complexity, and improve visibility into the threats facing their organization.

“OPSWAT is eliminating the barriers to effective malware analysis by removing the need for specialized skill sets and breaking down the silos between disparate tools,” said Czarny. “Our solution is simple to use, yet extremely powerful. Even evasive malware can be analyzed within a minute – three times faster than regular malware analysis sandboxes.”

Key Features and Benefits of MetaDefender Malware Analyzer include:

  • Ultra-Fast and Automated Approach – Increase the accuracy of malware detection across IT and OT environments.
  • Visual “Canvas” Environment – Quickly and easily integrate native and third-party tools with drag-and-drop workflows.
  • Advanced Threat Detection – Sandbox capabilities replicate a live environment, including command and control server (C2) communication.
  • Pre-defined Playbooks – Ensure greater consistency in execution and better results for incident response and threat management.
  • Out-of-the-box Interoperability – Pre-defined connectors eliminate the need to manually integrate analysis tools.
  • High Scalability – High-performance malware analysis of up to 500,000 files per day.
  • Enhanced Productivity – OPSWAT enables organizations to reduce the mean time to detect malware and accelerate incident response.

More about MetaDefender Malware Analyzer

About OPSWAT

OPSWAT is a global leader in IT, OT and ICS critical infrastructure cybersecurity solutions and Deep Content Disarm and Reconstruction (CDR), protecting the world’s mission-critical organizations from malware and zero-day attacks. To minimize the risk of compromise, OPSWAT Critical Infrastructure Protection solutions safeguard both public and private sector organizations with the latest technology, processes, and hardware scanning to secure the transfer of data, files, and device access across critical networks. More than 1,500 organizations worldwide spanning Financial Services, Defense, Manufacturing, Energy, Aerospace, and Transportation Systems trust OPSWAT to secure their files and devices, ensure compliance with industry and government-driven policies and regulations, and protect their reputation, finances, employees, and customers from cyber-driven disruption. For more information on OPSWAT, visit www.opswat.com.

Media Contacts

Kat Lewis
Director of Corporate Communications
kat.lewis@opswat.com