Intelligent CIO Africa Issue 56 | Page 75

FINAL WORD collateral victim in a larger attack . The advanced attack techniques are so prevalent today that no organisation should consider itself safe .
Let ’ s talk Endpoint Detection and Response ( EDR ) – how has this historically been used as part of advanced threat prevention ?
Historically , cyberdefences relied mostly on the prevention capabilities that are built into endpoint protection platforms and this approach provided acceptable results for many years .
As the attacks increased in sophistication , the security paradigm had to evolve . Security experts realised that 100 % prevention is not possible . By acknowledging the real possibility of being breached , many organisations adopted EDR solutions to complement prevention capabilities and to increase the resilience of organisations faced with advanced cyberattacks .
EDR relies on continuous monitoring of endpoint events across the entire infrastructure , providing extended threat detection , incident investigation and effective response .
Why , given the changes to the working environment we have seen over the last year , has EDR become an even more important cybersecurity tool ?
The global pandemic had a very strong influence on cybersecurity through significant changes both in the threat landscape and in the attack surface .
We discussed the increased sophistication and volume of attacks and , to a large extent , this was fuelled by the forced ‘ work from home ’ setups . In the early days , most organisations rushed into working from home and the attack surface available to various attackers in the world increased significantly .
With endpoints leaving the relative safety of corporate networks and being scattered across employees ’ homes , security teams required more advanced threat detection capabilities and , more importantly , better visibility to avoid costly cyberbreaches .
www . intelligentcio . com INTELLIGENTCIO AFRICA 75