What is Endpoint Security?
Endpoint security protects desktops, laptops, servers, and fixed-function devices from malicious internal and external threats.
Endpoint security defends what is now thought of as an enterprise’s perimeter – the devices that are the gateways into the network – from known as well as unknown threats. These threats, which include malware and non-malware attacks, attempt to steal data, destroy infrastructures, or cause financial damage.
Endpoint security combines various attack prevention, detection, and response technologies with intelligent services to form an advanced platform that effectively helps enterprises:
Detect, disrupt, and prevent malicious attacks before they cause any major damage
Monitor and track attackers’ actions to identify and stop intrusions
Determine the root causes of threats
Traditional antivirus software was developed to prevent and detect known malware attacks. It is one aspect of the overall strategy of endpoint security. Today, that is not enough, even when there are several different solutions in place.
Endpoint security comprises the entire strategy and technology stack required to protect endpoints from threats and attacks, while antivirus software protects a computer or device from malware. Endpoint security is not just prevention, but also detection and response. It’s not reactive, it’s predictive.
To combat the advanced threats of today, modern endpoint security requires next-generation antivirus (NGAV) protection, delivered on an integrated endpoint security platform with other advanced security technologies and services such as endpoint detection and response, incident reporting, threat hunting, and predictive analytics.
As security technology gets more sophisticated, so do the attack tools, tactics, and methods. Attackers today are masterful at discovering the weak points in a corporate security strategy – and right now, they are zeroing in on endpoints.
The traditional network perimeter has now been extended to the endpoints – yet for most companies, the right security protocols for endpoint devices have not been put in place. And the attackers are well aware of this.
According to The Cost of Insecure Endpoints report from Ponemon Institute:
48% of the organizations surveyed are disappointed or not satisfied with their endpoint security
55% of endpoints in the respondents’ organizations are vulnerable to a data breach involving sensitive or confidential data
Ineffective endpoint security strategies are costing these organizations $6 million annually in detection, response, and wasted time
Here is another perspective. In a recent study by Carbon Black, the average computer was the target of an attack less than once a month in early 2017. By the end of 2017, that number had risen by 328% to three attacks per month. Consequently, an organization with 10,000 endpoints could see approximately 1,000 attacks a day.
In 2018, it’s expected that endpoint attacks will increase even more, as the number of attacks on the protected endpoints of Carbon Black’s customers is growing at a rate of 13% each month.
So how can organizations take control of the fight against the rapid growth of malicious attacks?
Big data and predictive analytics have made significant impacts throughout the enterprise – and now their value is being extended to endpoint security.
Most endpoint security is reactive and based on finding and stopping known methods and attacks, which leaves organizations vulnerable. However, there is a huge volume of data on current and past attacks, as well as on the behavior of attackers, that can be analyzed to predict and therefore prevent future and unknown attacks.
For instance, by collecting and analyzing unfiltered endpoint data – all the data on endpoints whether related to a known threat or not – organizations can identify evolving attack tactics, techniques, processes, and even root causes. Executed with sophisticated algorithms in the cloud, this predictive analysis provides organizations with knowledge and insights that can help them identify weak points, address them proactively, and stay one step ahead of even the smartest attackers.
Most industry analysts are identifying cloud-based predictive next-generation security as the key to the advanced protection that will help organizations stop the most sophisticated cyberattacks in the future.