CISO MAG - Free Issues Endpoint Security Powerlist | Page 20

COVER THEME

Volume 3, Issue 10

With the increase in sophisticated attack myriad devices and its constant use in this connected world, cybersecurity is a major concern for both users and enterprises. For many organizations, a perfect storm of increasing cloud and BYOD adoption, combined with ineffective technology and stretched security teams, is exposing sensitive data to unnecessary risk. Added to this is the growing attack surface due to the shift towards data-centric business models.

Today, the major area of concern in any organization is to secure the endpoints and server where most of the breaches and frauds happen. It’s not surprising in that context that so many IT leaders see endpoint security as a critical issue. In fact, endpoint security has become a hot topic on the cybersecurity front and is rising even higher on IT managers’ to-do list. IT leaders want a more effective, easier to use solution to address this issue. They need to find products that can consolidate a range of security capabilities into one easy-to-manage suite.

Endpoint security has changed fundamentally over the last two decades, in many ways mirroring the evolution of the wider information security market. From the first basic anti-malware scanners of the ‘90s, through innovations in black- and whitelisting, intrusion detection, web and email filtering, and today’s detection targeted products—we’ve come a long way.

EDR – The black box of breaches

EDR systems offer defenders a first line of defense that gives them a way to gain greater visibility into what is happening at the interface between production systems and the internet, with all its threats and malicious activity.

With traditional endpoint security technology, visibility into how a threat entered the network and its travel path is limited. One reason is that, when a hacker has compromised a device, he is likely to wipe away his criminal traces. Once an attack is discovered, customers want to know what the root cause was, and how it spread. When security teams go back to investigate a breach, the devices look pristine. They do not have enough information to piece the breach together. Now, with endpoint detection and response (EDR) technology, they are finally able to.

EDR works by recording the security events on any device connected to the corporate network. These endpoint devices include: desktop computers, laptops, smartphones, tablets, thin clients, printers or other specialized hardware such as POS terminals, etc. EDR is the black box of breaches. Some of these events may be regular activities; some may reveal a clue to how the threat inched towards the surely irreversible catastrophe. When a breach has taken place, EDR enables security teams to play back the infection and understand what has, and how it happened.

EDR adoption

As per a global survey by Enterprise Strategy Group, 70 percent of organizations are already using EDR. Enterprises are always looking for new techniques to protect themselves from increasingly sophisticated malware and some standalone EDR vendors deliver their detection and response capabilities as part of EDR. To use it effectively, one would require years of training and hands-on experience. Not all companies have a security team that can do that. The downside of EDR is that it is operationally intensive. When you combine that with a global skills shortage in cybersecurity and the high level of skills needed to trace the root cause tools, many customers can’t keep up with EDR. While EDR tools can be difficult to use for less experienced operators, they can improve overall security efficiency by reducing the time to detect and respond to security incidents.

EDR is crucial for advanced endpoint protection solutions capable of detecting suspicious behaviors at all levels of the computing stack from the device to the user. Another key EDR functionality is that it enables security

CISO MAG | November 2019