UNDER THE
SPOTLIGHT
1. Briefly tell us the
current trends in endpoint
protection and a couple of
initiatives that F-Secure has
been taking on this front?
Where does endpoint
come into the picture when
organizations are migrating
to cloud?
56
Endpoint security is clearly where
the market is moving. Customers are
increasingly requiring detection
and response capabilities. The
ability to stop attacks is not
enough, and customers are clearly
seeing
endpoint
protection,
detection and response being very
adjacent to each other and that is
quickly becoming one category.
Four or five years ago you had
endpoint
protection
products
(EPP) separately--and endpoint
detection and response (EDR)
products separately. But now these
two other categories are emerging
as one. The second point is that
endpoint security requirements are
definitely accommodating towards
needing more IT visibility. So, that
is also something what customers
expect their IT managers to handle
because there’s so much data and
so many things happening at the
endpoints, because it’s a great
source of intelligence and great
source of data. In short, endpoint
security capabilities produce more
and more IT visibility.
And then that leads to many
other things, so how do you best
orchestrate different policies?
CISO MAG | November 2019
Vo l u m e 3
Issue 10
Vo l u m e 3
Issue 10
UNDER THE
SPOTLIGHT
Endpoints are becoming more
comprehensive and more business
critical. The criticality also comes
from the fact that there is a very big
global trend of things moving to
the cloud and when things move to
cloud, you don’t need on-premise
IT. If you use public cloud like
AWS, Google or Microsoft Azure,
these guys are capable of investing
in security far beyond what any
independent individual company
could ever do.
In 99.99 percent of cases, the
security is enhanced by moving
to cloud from on-premise. But
you still need the endpoints to
access the data in the cloud. So,
the endpoint is becoming the weak
spot. IT administrators, CISOs, they
understand that. Cloud is better
secured versus on-premise but
now the vulnerable point of end
points in onsite is also increasing in
criticality.
57
2. How do you convince
a vendor that endpoint
protection and deployment
is critical to their company?
How do you deliver on that?
Well, I think it follows the previous
logic that the endpoint is the critical
piece in any IT infrastructure. So,
if I would want to hack into your
company, the easiest way is to start
hacking into some endpoints rather
than bombarding their firewall. The
endpoints are often managed and
used by individuals, and individuals
are often the weak links, and the
CISO MAG | November 2019