Which behavior can increase the risk of fileless malware incidents on organizational systems?

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Keeping suspicious processes running can significantly increase the risk of fileless malware incidents on organizational systems. Fileless malware operates differently than traditional malware, as it does not rely on files stored on disk but instead uses existing tools and processes within the operating system to execute its payload. By allowing suspicious processes to run, an organization is essentially providing an avenue for attackers to exploit these processes for malicious purposes. These processes can be leveraged to execute commands or scripts that may lead to unauthorized access, data breaches, or system compromise, all without leaving traditional file signatures that can be detected by standard security measures.

In contrast, regularly updating antivirus software, monitoring network traffic, and utilizing firewalls serve as preventative measures that can help mitigate threats, including fileless malware. Keeping systems secure involves actively identifying and addressing anomalies in processes and behaviors, thus reducing the likelihood of such incidents occurring in the first place.
