July 8th, 2019
Malware protection has become even more challenging in the modern corporate environment. With a more mobile workforce, an organization's IT systems become more vulnerable to cyber-attacks. Attackers find the present situation quite favorable because a wide range of endpoints in the corporate IT environment is exposed. Traditional antivirus tools do not suffice to detect and block the intricate threats of the present era.
According to the Endpoint Security Risk report that the Ponemon Institute released in 2018, endpoints are heavily exploited by cyber criminals. Almost 66% of companies encountered attacks on their endpoints in the last year, which is a 20 percent year-over-year increase. In other words, a company's endpoints are serving as entry points for malicious software.
Top-notch IT and security professionals concur, based on surveys, that zero-day and fileless malware attacks pose the biggest threats to companies. Of all successful attacks, more than three-fourths leveraged unknown and polymorphic malware. Moreover, these techniques were found to be four times more likely to succeed than traditional attacks.
In the last year, financial losses owing to a successful attack increased by 42 percent. In 2018, endpoint attacks cost companies about $440 per endpoint. The cost was even higher, approximately $763 per endpoint, for small to midsize businesses.
Companies are working hard to devise solutions to counteract these attacks, as traditional endpoint strategies have several gaps in their protection against sophisticated malicious activity.
Patching and similar practices come with a natural delay that keeps endpoints exposed in the meantime. This delay is growing because patches and updates are issued more often, yet they still need to be tested before rollout. According to the Ponemon survey, it takes close to 102 days to apply patches, and 43 percent of respondents agreed that patching is delayed.
Until recently, antivirus software was considered sufficient for providing endpoint security. But as threats kept evolving, legacy solutions lost pace. 70% of the organizations that took part in the Ponemon survey have either replaced or intend to replace their existing antivirus solution in the next 12 months. Common reasons for replacing an antivirus solution include insufficient protection, management complexity, and false positives.
Organizations fighting contemporary cyber intrusions are investing their time in endpoint detection and response (EDR). The term was coined by Gartner analyst Anton Chuvakin in 2013. EDR refers to tools that continuously watch endpoints and scrutinize any suspicious activity. The information captured is stored in a database and analyzed to detect abnormalities such as unexpected processes or unusual connections. This data gives IT security experts the perspective they need to investigate and proactively look for threats.
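The analysis step described above (endpoint telemetry stored in a database, then queried for unexpected processes or unusual connections) can be sketched as follows. This is an added example, not code from any EDR product: the event schema, the host names and the per-host "never seen during the baseline window" rule are assumptions, and the telemetry is constructed.

```python
import sqlite3

# Constructed sample telemetry: (host, day, kind, subject, detail)
#   kind="process":    subject = parent image, detail = child image
#   kind="connection": subject = process image, detail = remote host:port
EVENTS = [
    ("wks-01", 1, "process", "explorer.exe", "outlook.exe"),
    ("wks-01", 1, "connection", "outlook.exe", "mail.example.com:443"),
    ("wks-01", 2, "process", "explorer.exe", "winword.exe"),
    ("wks-01", 2, "connection", "outlook.exe", "mail.example.com:443"),
    ("wks-02", 1, "process", "explorer.exe", "powershell.exe"),
    ("wks-02", 2, "connection", "powershell.exe", "repo.example.com:443"),
    # Day 3 is the detection window.
    ("wks-01", 3, "process", "explorer.exe", "outlook.exe"),
    ("wks-01", 3, "process", "winword.exe", "powershell.exe"),
    ("wks-01", 3, "connection", "powershell.exe", "203.0.113.7:8080"),
    ("wks-02", 3, "process", "explorer.exe", "powershell.exe"),
]

def load(events):
    """Store captured endpoint events in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events "
               "(host TEXT, day INTEGER, kind TEXT, subject TEXT, detail TEXT)")
    db.executemany("INSERT INTO events VALUES (?, ?, ?, ?, ?)", events)
    return db

def find_anomalies(db, baseline_end_day):
    """Return events after the baseline window that were never seen
    on the same host during the baseline (assumed detection rule)."""
    query = """
        SELECT e.host, e.day, e.kind, e.subject, e.detail
        FROM events e
        WHERE e.day > ?
          AND NOT EXISTS (
              SELECT 1 FROM events b
              WHERE b.day <= ? AND b.host = e.host AND b.kind = e.kind
                AND b.subject = e.subject AND b.detail = e.detail)
        ORDER BY e.host, e.day, e.kind
    """
    return db.execute(query, (baseline_end_day, baseline_end_day)).fetchall()

if __name__ == "__main__":
    for row in find_anomalies(load(EVENTS), baseline_end_day=2):
        print("ALERT", row)
```

Because the baseline is kept per host, `powershell.exe` launched from `explorer.exe` on wks-02 is not flagged, while the same child process spawned by `winword.exe` on wks-01 is.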
At the heart of EDR is the principle that not all threats are detected by the initial defenses. Outstanding solutions are competent at identifying attacks, including multiple threats, and blocking them right after detection. They also feature threat hunting and incident response capabilities that help prevent a compromised endpoint from growing into a major security breach.
The ability of EDR tools to handle the situation even after an initial failure to detect and block viruses made EDR adoption feasible for organizations. Companies took their time to accept it, but they were sure they needed EDR, because blocking attacks without making any compromises was both a big challenge and the need of the hour. This disconnect has caused confusion among organizations, to the point that only 46 percent of EDR features are used.