Intelligent CISO Issue 53 - Page 45

industry unlocked attackers who it doesn ’ t deter , MFA will make it significantly harder for them to succeed in breaching your network .
Endpoint Detection and Response ( EDR )
EDR works to discover potential or actual security breaches in a network ’ s endpoints , helping teams to rapidly respond to risks before an attacker can exploit them . A broad range of capabilities and implementations fall under the EDR umbrella , ranging all the way up to advanced systems that leverage AI models to automate the detection and removal of even the most sophisticated threats .
However , the market is also packed with business-ready EDR suites that can be installed off the shelf and require little technical or administrative overhead to operate . Many vendors even offer ‘ hunting ’ services where their trained experts can
Nick Banta , VP Global Cyber Security , Trimble
use the more sophisticated features of their product to protect a client . In almost all construction use cases , these services deliver exceptional value .
Using EDR , construction cybersecurity teams can gain real-time intel and response windows on breaches , shutting down attackers and mitigating the damage from a breach . EDR is a good way to harden a network , especially as construction activities in the field now involve many endpoints – whether that ’ s your machinery or worker devices , or even those of suppliers , contractors , or customers .
Rapid patching
Recent software supply chain vulnerabilities , such as Log4j , have shown that vulnerability patching is essential to a cybersecurity strategy . At the heart of resolving vulnerabilities is working to patch them as soon as possible . Ultimately , the key to achieving this among IT teams is clear lines of accountability regarding who oversees , maintains and patches any given system , workflow , or application .
Going beyond that , it ’ s worth looking to see if your team can automate the patching process as far as possible . Automation offers the possibility to dramatically speed up the detection and deployment of patches , but it isn ’ t a silver bullet . Many systems may need a manual review and some vulnerabilities may be so deeply embedded in your software stack that they may not be possible to automate . www . intelligentciso . com
45