Blog

Keep Your Endpoint Security Up-to-Date

Posted by Donna Recchione on Oct 1, 2018 9:00:00 AM

In client, IT, hiring trends, ICS insights

Protecting an organization's digital assets is more important today than ever before.  In fact, digital security has had to keep up with data thieves who consistently find new and creative ways to breach a system that you might think is secure.

In the past, businesses and individuals could protect themselves from a breach using just a few security technologies, along with practices that focus on the internal network.  However, with increasing threats from cybercriminals, businesses need to move away from past strategies to implement a threat prevention culture that focuses on both the detection and response of a cyberattack.  

According to Lenny Zetlser, an instructor in malware analysis at Sans Institute, today's mobile technology, including the cloud, allows for immediate access to data from any location.  Due to this easy access to data, businesses and organizations are finding it difficult to oversee and control contractors and employees who have access to a wide range of sensitive data.  Zeltser goes on to say that access to data from home, internet cafes, and other locations have caused businesses to struggle with attempted lockdowns of sensitive, corporate data.  

To resolve this issue, many organizations are using endpoint security solutions with the most powerful capabilities, such as machine learning and artificial intelligence (AI). 

The Evolving Definition of Endpoints

Because networks have continued to evolve, organizations need to redefine how they view an endpoint.  According to Sri Sundaralingam of Symantec's, in the past, network endpoints were defined or identified as any device that communicates across a network within the corporate firewall. These can include printers, PCs, modems, and routers.  

When the cloud was invented, this allowed for organizations and businesses to expand their network to include devices outside the firewall.  As a result, IT communities began to rethink what constitutes an endpoint.  Sundaralingam goes on to say that in our modern world, an endpoint includes any device that can access a corporate network, including smartphones, tablets, PCs, wearables, Internet of Things, and more.  These devices that connect to a corporate network can also include endpoints such as vending machines. 

Typically, these devices have less protection when it comes to a cyberattack, according to Larry Lunetta, vice president of security solutions marketing at Aruba Networks.  For this reason, businesses need to pay strict attention to the increasing use of these devices by employees and other parties who access and share sensitive corporate data.  

Many businesses who haven't had a breach, understand that a cyberattack is imminent and that they must work hard to prevent as many attacks as they can.  Jim Waggoner, senior director of endpoint product management for FireEye, says that organizations need to be constantly prepared to detect cyberattacks and respond with appropriate measures known as endpoint detection and response (EDR).   

Since cyber threats are becoming more sophisticated, EDR tools are put into place to address the need for continually monitoring and reacting to cyberattacks.  The way EDR differs from traditional endpoint protection, such as anti-malware, is that they are not designed to immediately and automatically stop a cyber threat during the pre-execution phase.  In fact, EDR does more by providing insights that alert the security analysts to identify and respond to threats across endpoints.  Organizations who want added protection can use both EDR tools and traditional capabilities to discover and respond to attacks.  

How Machine Learning and AI Identify Cyber Threats

The most serious of cyberattacks actually go beyond the endpoint.  In fact, the endpoint is really the location cybercriminals use to expand a more aggressive attack that involves using small steps over days, weeks or even months.  However, AI and machine learning sense these small steps were taken by the cybercriminal and then evaluates these steps to assess risk and take action before any damage is done.  

In the CDW Cybersecurity Insight Report, 39 percent of respondents considered using next-generation endpoint technologies that combine AI, machine learning and behavioral analysis to circumvent aggressive and sophisticated cyber attacks.  The point of AI and machine learning technology in this context is to identify the new, ever-changing malware attacks.  In fact, a business should have multiple ways to detect an attempted breach and prevent attacks, such as commodity malware and ransomware. These technologies are now essential for organizations to prevent cyberattacks.   

When using advanced machine learning that employs multilayered threat assessment, organizations are better able to identify how static files interact with other files, URLs, or machines.  Machine learning can also analyze enormous amounts of data to identify if a code is likely to be malicious.  Put another way, advanced machine learning, according to Sundaralingam, is the first responder when a cyber attack occurs.  From here, the machine is able to detect a malware presence and then stop it.  When an organization uses machine learning and behavioral analysis, it is better able to identify attacks, especially large-scale attacks.  

To keep up with the constant threat of cyberattacks, organizations are using forms of endpoint anti-virus software and other relative technologies that combine AI and machine learning to detect malware in ways they couldn't in the past.  All in all, this evolving technology allows businesses to keep up with the constant threat of cyberattacks.  As cybercriminals are constantly changing and advancing the way they hack into a data system, organizations need to also consistently adopt new and evolving technologies, such as AI and machine learning, to keep up.  

Update Your In-House Skills

As security threats evolve, so do the solutions and skills needed by a company. Partner with ICS to find top talent that can update your security and keep you guarded against harm. Click below to start talking to our staffing professionals so we can get you the help you need to stay protected.

Find Talent NOW

FTN IT