This year, companies felt they needed divine intervention to guide their accelerated digital transformations. With security high on their to-do list, many have turned to Endpoint Detection and Response (EDR) solutions, which are generally offered by vendors who were born in the cloud to control their now distributed device network protect. However, Kaspersky experts believe that this approach results in companies having an inadequate and not completely secure solution with uncured software.
The cybersecurity expert has identified a worrying industry trend where next generation vendors and the firewall are driving EDR after acquiring more universal endpoint solutions. Firewall vendors are influencing the Endpoint Protection Platform (EPP) market by acquiring EDR companies that strengthen their solution but lack the comprehensibility of full EPP solutions.
The resulting package that is sold is not as comprehensive as a full EPP solution. Missing functions such as device and application hardening are a must to increase efficiency and reduce the risk to a company. Current solutions can depend heavily on behavior detection, which should be part of a multi-tier EPP solution. As a result, packages currently on sale increase the risk of false positives and a decrease in productivity.
The problem stems from the fact that EDR is being sold as a silver bullet to expose and disarm any potential threats. The result is a multitude of organizations presented with an incomplete or incoherent picture of their threat landscape.
Ian Thornton-Trump, CISO at threat intelligence firm Cyjax, comments, “EDR solutions are not the only solution to an organization’s security. However, they form a valuable and indispensable layer of security to ward off the most dangerous skills cybercriminals can bring to a company. However, to be most effective, EDR solutions must be deployed in a managed, licensed, and hardened IT environment. ”
The worrying trend of companies selling a complete solution has come to the fore this year, and a large part of the global workforce is moving to remote work. Before the onset of COVID-19, 61% of companies cited staff restrictions as a reason for not adopting EDR. Just a few months later, the Kaspersky investigation found that almost three quarters (73%) of employees had not received additional IT security awareness training after a mass migration for homework and a panic change in opinion about the introduction of EDR.
As a result, IT teams are not only facing more alerts than ever before, but also without the guidance required to filter appropriately. At best, this leads to a waste of time and resources, while at worst, a serious red flag can be overlooked.
While many believe that endpoint security has taken its run, this trend and events of this year have proven that the solution is still very much alive. It is education and leadership that need to be awakened.
« Just because some vendors shout the loudest doesn’t mean they care about a company’s interests. That’s why it’s important for companies to get into a conversation that starts with discussing what they need. « . In most cases, they need a solution that is based on, or built into, training and skill development. What companies should invest in first and foremost is imparting this knowledge culture throughout the company. This then goes hand in hand with EDR as a tool that can become part of your armory and provide better visibility and investigation into the growing cyber threat landscape, ”said Andy Bogdan, Head of the UK Channel at Kaspersky.
“Organizations also need to recognize that technology three or five years ago is not advanced enough to deal with modern malware. Investing in security technologies like EDR is necessary because when cybercriminals sprint to create new features every month, when cybercriminals sprint to develop new features in technology, « added Thornton-Trump.
To meet this challenge head on, to better understand your own security infrastructures and to really take advantage of EDR solutions, Kaspersky offers the following advice:
Do you like this content? Sign up for the free PCR Daily Digest email service to get the latest technical news straight to your inbox. You can also follow PCR on Twitter and Facebook.
Amazon Web Services, Inc. . (AWS) has added new AMD based offerings with the latest cloud instance …
Bitdefender, Computer Security, Cloud Computing, Managed Services, Crowdstrike
World News – CA – Remote Working Pushes Organizations to Risky Security Acquisitions – PCR
. . Related Title :
– Bitdefender Introduces new cloud pre-based EDR solution for enterprises and managed service providers
– Bitdefender debuts cloud-based endpoint discovery and response solution Answer Solution
– Bitdefender Introduces New Cloud-Based Endpoint Discovery and Response Solution for Enterprise and Managed Enterprises . . .
– Remote work pressure organizations in risky security acquisitions
– 2020 Market Report on Smuggling Detectors, Size, Share, SWOT Analysis and 2020 Forecast Key Players, Drivers . . .
– Bitdefender introduces EDR security solution for MSPs
– Bitdefender launches cloud-based endpoint discovery, enterprise answer platform
– Bitdefender launches cloud-based EDR solution for businesses and MSPs
Donnez votre point de vue et aboonez-vous!
Votre point de vue compte, donnez votre avis
[maxbutton id= »1″]