With cyber security becoming a critical business objective, enterprises are turning towards strengthening endpoint security. In this 2-part series, the author focuses on exploring the key criteria that enterprises should consider while evaluating the right endpoint security solutions.
Global Head Infosec, DPO, Jaquar Group
Predicting and protecting against cyber-attacks has been an enterprise priority for quite some time now. Enterprises have been exploring and experimenting with different models to predict a potential cyber-attack, prevent it from taking place, and have measures in place to ensure business continuity in case an attack happens.
Conventionally, enterprises have relied on a two-pronged approach to address and deal with cyber security issues.
On one side, the fight is against mass threats using simple tools. On the other side, the focus is on leveraging advanced solutions to defend against targeted complex attacks. At first glance, this seems to be a logical approach that can seamlessly be adopted and implemented by many enterprises. It is true that information security solutions that follow this approach are able to neutralize and mitigate most threats.
However, in today’s digital age, the nature of threats as well as the perimeter of security are constantly evolving and are not pre-defined. On a closer look, it becomes clear that endpoints today are no longer confined to an enterprise. Rather, they extend beyond enterprise boundaries through the increasing use of IoT devices, employee-owned machines, POS systems, and SCADA machines, among others. Thus, in the modern age, there can be innumerable endpoints, and relying on the conventional two-pronged approach might not be enough, as missing even 0.1% of threats is critical.
Endpoint security: A rising cause for concern
Today, the endpoint is the No. 1 target for cyber-attacks. Increasingly, a host of innovative threats have exposed endpoint security as a weak point for businesses. According to a 2020 study by the Ponemon Institute, in the previous 12 months, 68% of organizations experienced one or more endpoint attacks that successfully compromised data and/or their IT infrastructure. Within endpoint attacks, the rise of fileless attacks is a particular cause for concern: 70% of endpoint infections are the result of fileless attacks. As a result, endpoint security is a growing priority for enterprises across industries.
Criteria for evaluating endpoint security solutions
While the rationale for focusing on endpoint security is clear, it is equally important to adopt effective evaluation criteria to identify and deploy the best endpoint security solution. A key consideration here is that attacks should be PREVENTED BEFORE causing harm and not DETECTED AFTER causing harm. At the same time, the solution should do so without adding significant management overhead.
An endpoint solution may stop or prevent the attack before it can cause any harm, but, in the process, it may block critical systems, leading to business losses, or might use a huge amount of endpoint resources, leading to a drop in productivity.
Therefore, mitigation of cyber-attacks in the modern age should address the dual challenges of preventing infection without impeding productivity, whether for the device owner or the admin. A combination of the strongest protection without any significant overhead is the need of the hour.
Based on the criteria for evaluation of endpoint security solutions mentioned above, there are three factors that contribute to ensuring seamless security from threats. These include strength of protection, false positive rate, and simplicity of management.
I will share in detail the three key factors along with how we can promote endpoint security to mitigate cyberattacks in my next blog. Stay tuned.
About the author
Mansi is a strategic planner and thinker with 20 years’ experience in all verticals of IT, be it SDLC, information security, programme management, operations, business processes, business excellence, or analytics. She has prestigious certifications like PMP & Six Sigma Black Belt, ITIL, ISO 27001 Implementer, and PCI DSS compliance under her belt. This combination gives her an edge in understanding business processes, people, and technology, allowing her to plan, monitor, and implement information programs across the organization.
Legacy software transitions, ERP implementations, IT infrastructure roadmap creation and execution, business continuity planning, incident and risk management, deployment of cyber and information security frameworks, user awareness training, GDPR, application security, etc., are some of the key assignments she has handled.
She is also on the advisory board for EC-Council’s CASE certification and has bagged many awards in the information technology and security space. She firmly believes in giving back to the community and has done numerous webinars, seminars, panel discussions, and white papers to share knowledge, in addition to several projects for the upliftment of women in IT and information security.