
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform

March 6, 2018 / Sean Blanton

Carbon Black recently published a series of essays about the experiences of experts in the field of information security as they moved their endpoint security programs to the cloud; this is one of those essays. To read the full series, check out 7 Experts on Moving to a Cloud-Based Endpoint Security Platform.


Keys To Maximizing The Value Of Endpoint Security

Daniel Schatz, CISO, Perform Group

At the UK-based digital sports content and media group Perform, Daniel Schatz is responsible for a dynamic environment in which most employees are mobile, working from outside the office in various locations including the sports games that Perform Group covers. Most of Schatz’s endpoints are Windows-based (about 60 percent Windows and 40 percent MacOS), with a few Linux devices mixed in. To secure these diverse endpoints, he has been evaluating new endpoint-security strategies, including cloud-based solutions that offer real-time threat monitoring and detection at the endpoint.

Schatz advises businesses considering cloud-based and next-gen endpoint-security solutions to make sure they focus first and foremost on what is actually needed in their environment. “Typically, the business doesn’t really know what it needs,” he explains. “It really falls upon the security professional to understand the business, and then understand the front landscape around it. Where am I, in terms of the threat actors that have a potential impact on what I’m doing? Who’s after me, simply said, and what is their capability?” he adds.

Facing increasingly complex threats, a security professional might be tempted to seek the greatest amount of visibility into all the potential threats the business could conceivably encounter. But, Schatz says, “If you don’t have the skilled staff to dive into it, and actually find what’s going on, and then try to remediate it, or at least raise it to the right level, it’s not really helping you.” It’s therefore important to make sure you’re thinking about how your team can make practical daily use of any endpoint-security solution you might choose.

 


 

Once you understand your business needs and have taken your staff’s resources into account, then it’s time to figure out which vendors provide the solutions that fit your environment’s unique requirements. From there, Schatz recommends partnering with a vendor to take a promising product for a test drive. This will give you an opportunity to ascertain what kinds of security insights the solution provides your business, and how well your team might be able to use them.

Along the way, you might find that today’s next-gen solutions require fewer administrative resources from your security team than they would have in the past. “Nowadays, most of the newcomers in the markets provide cloud-based services, where the heavy lifting is done in the background. That means you don’t have to go and provision a server farm just to support your anti-virus or your endpoint detection and response [EDR] correlation engine,” Schatz explains. “This is now sitting away from your on premises. It’s not costing you capex. It’s not costing you anyone to manage it. You have that benefit nowadays.”

Businesses that are considering moving to a cloud-based next-generation platform for endpoint security will derive maximum value from any investment they make by first ensuring that they know what risks the business faces before seeking a solution. Once they have identified a tool that might be a fit, they can test it out with the vendor to determine how the staff can glean actionable insights from the reporting it provides. In this way, businesses will have the best chance of ensuring that any endpoint-security solution they select will be a worthwhile asset to their overall cybersecurity strategy.

KEY POINTS

  • A business considering moving to a cloud-based next-generation platform for endpoint security must first clearly understand the security risks it faces.
  • Security professionals must also consider how their staff will use the insights provided by any endpoint-security solution they select.

 

ABOUT THE CONTRIBUTOR

Daniel Schatz

CISO
Perform Group

Daniel Schatz is currently the chief information security officer (CISO) at Perform Group’s London office. Prior to this he led the global Threat and Vulnerability Management program for Thomson Reuters. He is a Chartered Security Professional (CSyP) and a member of the International Systems Security Association (ISSA-UK), and he holds several qualifications including CISSP, CISM, CCSK, CVSE, MCITP-EA, ISO27001 LA/LI, and MS Information Security & Computer Forensics.


