Intelligent Tech Channels Issue 37 | Page 68

FINAL WORD
alerts than ever , at an already stressful time , without the requisite guidance and internal skillset to benefit from their investment .
EDR continues to keep its spot on the shortlist
Missing features in EDR , like device and application hardening , are a must-have in order to overcome the current IT skills gaps within organisations . Increased efficiency and a reduction of business threat exposure must top the list of priorities , and EDR can help , but only if it ’ s integrated into a wider established infrastructure .
“ EDR solutions are not the solution to organisational security . However , they form a valuable and indispensable layer that wards off the worst that cybercriminals and APT actors have to throw at an organisation with exposed services and endpoints that surf the Internet every day ,” explained Ian Thornton-Trump , CISO at threat intelligence company , Cyjax . “ Without the prerequisites in place , the EDR that some organisations experience will be sub-optimal , with a plethora of false positives as AI mistakes poorly-managed IT environments as compromised .”
Thornton-Trump explained that , when misapplied , EDR can have significant operational impacts and can disable core functions . However , this is not to say that it doesn ’ t have a place at the table . He added : “ On the whole , EDR is effective in preventing ransomware and especially detecting and preventing ‘ living off the land ’ lateral movement . Organisations still have to realise that technology from three or five years ago is not advanced enough to deal with modern malware . Investment in security technologies like EDR are required because , in technology , ’ good ’ becomes ‘ poor ’ very quickly as cybercriminals sprint to new capabilities monthly .”
A tool in the armoury , not a silver bullet
This is why education , training and filling the skills gap is so critical for businesses , especially as more and more choose to work flexibly in the future . It ’ s not that EDR isn ’ t
On the whole , EDR is effective in preventing ransomware and especially detecting and preventing ‘ living off the land ’ lateral movement .
relevant ; it ’ s just that it ’ s not a standalone solver of all IT security problems .
It is critical for businesses to enter into discussions about what they need as the central focus . More often than not , what they will find they need is a solution built around , or integrated with , skills development , so a solution doesn ’ t get lost in the dark and employees understand how to properly implement into their systems . By entering into these conversations , companies can offset the vendor concern and their own dispersed network challenges , simultaneously . In many cases , what they will end up with is education and protection , courtesy of dedicated solutions that provide awareness training as well as the EDR product itself .
Managed detection and response ( MDR ) solutions are also a solution looked over by businesses who already have a solution in place . As the name suggests , the same level of detection and response is achieved , only with additional managed assistance from the vendor . This vendor assistance can provide invaluable insight into where the threat is and how it can be solved . The subsequent mix of automated and guided response extracts the best out of EDR in situations where internal skill sets can ’ t . Ultimately , the combination of upskilling a workforce combined with better protection , can convert EDR from an outdated , misused piece of software , to a critical tool in a business ’ s arsenal . •
68