Endpoint protection is dead. Or is it? - TEISS®: Cracking Cyber Security
Vendor View: Sean Sullivan, security adviser, F-Secure, on why endpoint security matters more than ever.
Online criminals, especially those backed by the massive resources of organised crime or nation-states, are better than ever at evading detection. Attacks are becoming more precise, harder to find, and even harder to remove.
So does that mean you should get rid of your software, hire 100 full-time security professionals and start shopping for the latest miracle products from Silicon Valley?
Nope. AV-TEST’s Security Report 2017-2018 finds that over 100 million malware samples are identified every year. That’s a new sample every 3.9 seconds. This endless deluge of new threats means that endpoint protection is still the foundation of your organisation’s cyber security.
Endpoint protection is the cornerstone of cyber security; it’s comprehensive protection that includes antivirus, browsing protection, data protection, and more.
If you’re not using it, your network is in danger. Here’s why.
99.9% of attacks are commodity threats.
The vast majority of the threats the devices on your network will face come from packaged cybercrime tools which are bought and sold on the Dark Web. These threats are available to slacker attackers who lack advanced skills but want to make a quick buck. They are not necessarily cutting-edge but are effective against systems that are not properly patched or have inadequate endpoint protection.
Ransomware is a perfect example of why you need endpoint protection that blocks typical threats. Even though it’s been declining since the middle of 2017, it’s still available in the wild as a bulk or commodity threat.
A single PC hit by ransomware can lead to a thoroughly compromised network; if the criminals didn’t plan on disabling a whole network, the malware may not be something that can be reversed by paying the ransom. In some cases, commodity ransomware has been known to hit the same computers repeatedly. The result was impossible to reverse, and restoring the system from backups proved a complex task because it was more difficult to determine what was lost.
Good endpoint protection software secures against ransomware, bulk malware, email spam, common exploits and more by employing continual updates, machine learning algorithms and the latest threat intelligence.
You’re never going to patch or eliminate the biggest vulnerability in your network.
Humans are the weakest link in the security chain, and will continue to be until the robots replace us.
The always-on, connected nature of today’s workforce means that mobile devices, laptops and desktops are in constant use and therefore vulnerable every day to human error. Eventually, someone — be it employees or IT staff — is going to slip up.
Cyber attacks are a case of ‘when’ not ‘if’ and, sooner or later, an employee will get caught out, clicking on the wrong link or opening a sketchy attachment. Alternatively, poor password hygiene and habits could get them into trouble. Or, for a worker on the road, a company laptop or device could be misplaced or stolen – in the UK alone, staff in five government departments have lost more than 600 laptops, mobile phones and USB sticks in the last four years.
A complete endpoint protection platform assumes that mistakes are going to be made and that they’re going to be made regardless of what the endpoint is – Windows or Mac, iOS or Android. Nothing is immune.
Endpoint security focuses you on the most potent attacks.
Targeted and advanced attacks are becoming more sophisticated and common every day – barely a day goes by without one headline or another about a company being hit by a cyber attack. Regardless of your business’ size or industry, you’re increasingly likely to run across a highly skilled and motivated aggressor.
If – and when – these types of threats become a concern for your organisation, it’s time to start looking into different detection, response and vulnerability management solutions to augment your security. Good endpoint security plays a key role in improving security hygiene levels. For example, think of how an infection affects your body; it’s much easier to focus on identifying, isolating and treating a serious point of infection when the whole body isn’t inflamed.
The right endpoint security ensures that if the worst happens, you’ll still have a network to save.