TECH TRENDS
Why EDR should be a key component of your overall cybersecurity strategy
Today’s sophisticated cyberthreats require new, advanced approaches to prevention and defence. Endpoint Detection and Response (EDR) is one such tool which is helping to keep organisations secure. Here, Bogdan Carlescu, Acting Cybersecurity Professional and Product Marketing Director at Bitdefender, highlights how CISOs can make EDR a key component of their overall cybersecurity strategy, as well as why they should prioritise this.
Tell us about the level of sophistication we see in today’s threat landscape, particularly when it comes to the endpoint?
If we look at the early reports of 2021, or review the key incidents, there are a few key words that will quickly surface: ransomware, phishing attacks, Business Email Compromise (BEC), supply chain attacks, data breaches or data exfiltration.
We can group these attacks into two key categories: fast-evolving attacks and slow and stealthy attacks. Both can be very aggressive, both can be targeted and both can cause massive impact for any organisation in the world.
Without minimising the importance of fighting off ransomware and other aggressive fast-evolving attacks, I will focus on the slow and stealthy type of attacks. Here we include the likes of supply chain attacks, phishing for company or state secrets and exfiltration of entire databases during months of undetected malicious activity.
The prevalence of these complex threats increased dramatically over the last few years and a question worth asking at this point is – who is affected by this class of attacks? You might think that it only applies to large organisations. These are the notorious cases that make it to the media. But this couldn’t be further from the truth.
Smaller organisations are increasingly facing advanced cyberthreats, either to become a gateway towards a larger target during a supply chain attack or by being a collateral victim in a larger attack. The advanced attack techniques are so prevalent today that no organisation should consider itself safe.
Let’s talk Endpoint Detection and Response (EDR) – how has this historically been used as part of advanced threat prevention?
Historically, cyberdefences relied mostly on the prevention capabilities that are built into endpoint protection platforms and this approach provided acceptable results for many years.
As the attacks increased in sophistication, the security paradigm had to evolve. Security experts realised that 100% prevention is not possible.
By acknowledging the real possibility of being breached, many organisations adopted EDR solutions to complement prevention capabilities and to increase the resilience of organisations faced with advanced cyberattacks.
EDR relies on continuous monitoring of endpoint events across the entire infrastructure, providing extended threat detection, incident investigation and effective response.
Why, given the changes to the working environment we have seen over the last year, has EDR become an even more important cybersecurity tool?
The global pandemic had a very strong influence on cybersecurity through significant changes both in the threat landscape and in the attack surface.