Skip to main content
Tag

Endpoint Security

||||

Tackling Endpoint Security Head-On in 2020

By Patch ManagementNo Comments

Tackling Endpoint Security Head-On in 2020

As cybersecurity hazards increase, every organization needs an endpoint security solution that can face the modern threat landscape with ease.

[vc_empty_space]
[vc_single_image image=”305244″ img_size=”full”]

Technology and the inherent interconnectedness it fosters provides businesses with near-limitless possibilities.

But with that potential comes no small amount of risks.

The broad spectrum of cybersecurity hazards is perhaps the clearest manifestation of that danger, and endpoint security lies at its core. Already a complicated issue by any standard, it’s only liable to become more complex and urgent to address in 2020.

Many factors play into this forecast. The rise of newer and more dangerous threats, from crippling denial-of-service ransomware to large-scale records theft, is certainly among them, but so is the proliferation of mobile devices as IoT endpoints. What’s undeniable is your organization’s need for an endpoint security solution that can face the modern threat landscape.

Maybe it’s your client database, including all of the financial and personal information you’ve collected in the partnership process, that suddenly becomes inaccessible. Perhaps key files are abruptly encrypted in a way that you’ve never seen before. Or maybe systems grind to a halt and won’t function. You see a message telling you, in so many words, to pay up or lose the data (or remain locked out of your mission-critical networks and devices). It’s a simple and often successful exploit tactic.

The Dollars-and-Cents Factors

To members of the C suite who aren’t chief information or technology officers, the urgency of cybersecurity threats may not be realized.

  • Although average organizational cybersecurity spend is up — from $584 per employee in 2012 to $1,178 in 2018 — that may not be nearly enough for large enterprises, or those within commonly targeted industries like finance or health care.
  • The average data breach anywhere in the world costs an organization $3.92 million. Specific figures vary by country (unsurprisingly, the U.S. average is highest, at $8.19 million), industry (healthcare breaches cost the most, at $6.45 million per incident) and incident severity.
  • All told, the impact of cybercrime costs the world as much as $600 billion each year.

The Endpoint Numbers Game

88% of IT professionals understand the importance of endpoint management and security, but a significant number of those individuals may not know exactly how many endpoints their organizations’ networks have.

Based on the current pace of tech development, the number of endpoints in any given system is bound to increase exponentially in 2020. Significant upticks in overall mobile device use, as well as expansion of the internet of things, will drive this, increasing organizations’ endpoint security risk by default.

More access points mean more vulnerabilities.

Cyberattackers’ Main Goal

Cyberattackers go about their criminal activities for various reasons: monetary gain, the excitement of causing chaos, information misuse, state-sponsored espionage and more.

But your IT team doesn’t have time to speculate about the reasons. There is only room for you to deal with attackers’ goals. Login and access credentials are going to be the primary target of their interloping efforts, with the intention of obtaining and purloining confidential information.

The initial shock of a cyberattack belies how adversely impactful it may be over an extended period of time. A breach’s lifecycle, from initial compromise to containment, lasts an average of 314 days, with about 279 of those directly spent on identification and eradication. You need to cut down that time frame as much as possible, and securing your endpoints is the best way to do that.

[vc_single_image image=”36938″ img_size=”full”]

Major Endpoint Threats to Watch in 2020

Endpoints, everything from PCs and smartphones to IoT-enabled printers, represent an attractive collection of weak spots to malicious online actors. Such cybercriminals will use malware to attack said endpoints in any way they can: through the operating system and application layers as well as at the firmware and BIOS levels.

Threats of particular note include:

  • Ransomware: These high-profile dedicated-denial-of-service attacks have successfully shut down municipal governments including Baltimore, Atlanta and Greenville, North Carolina during 2018 and 2019, and also devastated the healthcare sector.
  • Phishing: Social engineering threatens mobile endpoints just as much as desktops.
  • Rootkits/backdoor-access attacks: Cyberattackers who care more about theft (monetary or informational) than havoc may use subtler methods like these to gradually take what they want.
  • Employee negligence: Lax security-protocol adherence can leave endpoints more open to attack. For example, employee-owned mobile devices are the endpoints least likely to be properly secured.

Consistency in Endpoint Security

You can’t protect your network’s endpoints by operating on a case-by-case basis, going with the flow as different issues arise independent of one another. Doing so amounts to treating this as a “fly by the seat of your pants” issue, which is neither feasible nor responsible in the context of any aspect of cybersecurity (endpoint-related or otherwise).

It is critical for organizations to adopt consistent approaches to endpoint security in 2020 and beyond, fully comprehending and addressing all risks associated with its endpoints. This involves vetting the security capabilities of new devices before they are introduced to the network and continuously monitoring device vulnerability levels to ensure they never become dangerously outdated and unprotected.

Enforce Endpoint Security Hygiene

IT must relentlessly hold the organization to high endpoint security standards:

  • Retire and replace legacy hardware/software: Such resources are more likely than not to have unmanageable vulnerabilities.
  • Ensure all endpoints matter equally: An attacker entering via a networked printer (a commonly under-protected endpoint) likely isn’t interested in taking over that machine, but rather something far more destructive.
  • Keep up with trending threats: Note which scams are most prevalent among your industry peers and in general (like ransomware/DDoS attacks and botnets), without losing sight of less obvious possibilities (logic bombs, man-in-the-middle attacks, formjacking).
  • Maintain up-to-date patch management: Enable automatic updates for the most critical security patches, while handling less mission-critical patches manually. (Also, ensure patch application disrupts day-to-day operations minimally or not at all.)

Turn to Syxsense for More Secure Endpoints

Endpoint security is a complex and multifaceted issue requiring vigilance and cooperation across all departments within any given organization. Turning to the broad complement of endpoint security solutions offered by Syxsense will be an excellent place for you to start.

  • For a “one-stop-shop” with vulnerability scanning, patch management and endpoint detection and response in one package, look no further than Syxsense Secure. Available as a standalone software product or alongside 24/7 managed services from our dedicated, experienced team.
  • The similarly comprehensive Syxsense Manage solution offers additional endpoint, OS and patch management oversight to complete the picture of meticulous and wide-ranging threat management.

Begin your organization’s journey toward airtight endpoint security with a free trial of Syxsense’s products and services.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
|||

Endpoint Security vs. Antivirus

By Patch ManagementNo Comments

Antivirus Software is Nice, But It’s Not Enough for Full Endpoint Security

Are your current security measures enough to protect your network’s endpoints? Explore the key differences between antivirus software and EDR tools.

[vc_empty_space]
[vc_single_image image=”36933″ img_size=”full” css_animation=”fadeIn”]

As we previously pointed out in our “Endpoint Security 2020: What Your Need to Know” article: “Cyberattacks are growing more complex and difficult to prevent, and this will only accelerate in the future, thus making endpoint security a top goal in 2020.” Given the news of late, there can be no doubting the importance of this..

You probably already have information-security measures in place in your organization, such as firewalls and antivirus software. But you might be wondering if what you have in place is sufficient to properly protect all of your network’s endpoints.

Unfortunately, the question—and answers—might not be that simple. As pointed out by SolutionsReview, it’s important to understand the historical significance of antivirus software. Such tools—the origins of which date back more than 30 years—represent the wellspring from which other, more sophisticated, cybersecurity tools and techniques would emerges.

The late 1980s and early 1990s marked the debut of antivirus products from developers such as Symantec, McAfee and Sophos, in addition to the founding of cybersecurity research groups such as the Computer Antivirus Research Organization.

Now, three decades later, antivirus tools are part of standard operating procedure for virtually all professional-grade desktops and laptops—as well as a considerable number of the smartphones and tablets used by enterprise staff. Plenty of consumers also use such applications.

The Inherent Limits of Antivirus Control

In the majority cases, antivirus software exists in the background, only showing its presence when a threat is detected. While certainly valuable, there is a clear limitation to antivirus software: it only functions as a defensive measure when an active threat has made itself known. It does not have much in the way of counteroffensive tools, nor does it have the broader scope of functionality available through endpoint detection and response (EDR) tools.

Additionally, many legacy antivirus programs—and even some of the more recent versions—are all too often limited to detecting the presence of signature-based cyberthreats. While a significant number of the well-known malware and exploit tools used by modern hackers have signatures embedded in their code that an up-to-date antivirus platform can identify, there are also plenty that haven’t had their signatures cataloged yet. Malware that lacks signatures altogether is also becoming increasingly common, according to TechTarget.

Perhaps most alarming of all is that many cyberattacks today eschew files entirely. Instead, they use innocuous-looking links to trigger garden-variety programs such as Flash and Windows PowerShell, the latter of which can be compromised through remote manipulation of the command line with relative ease.

As CSO explained, these collect data from the victimized machine and relay it to the hacker who originated the attack, allowing that interloper to seize further control of a device and subsequently deliver more exploits. An entire network could be devastated this way, and many antivirus tools would most likely have never seen it coming.

The Ponemon Institute’s 2018 State of Endpoint Security Report noted that 35% of that year’s malware attacks were fileless, while projecting that figure to increase to 38% for 2019. In the years to come, it’s entirely possible that fileless exploits will constitute a significant majority of the cyberattacks deployed against all businesses and public-sector organizations, leaving antivirus tools even more in the lurch.

[vc_single_image image=”36938″ img_size=”full” css_animation=”fadeIn”]

Moving Ahead to Endpoint Protection

Back in 2015, in a guest blog post for Politico, engineer and futurist David Evans estimated that about 127 new endpoints were being added to the internet of things every second, all over the world. More recently, Gartner projected that IoT growth had reached the point at which there would be approximately 5.8 billion endpoints in the global enterprise and automotive markets alone by the end of 2020, marking 21% growth from the previous year.

According to the SANS study “Understanding the (True) Cost of Endpoint Management,” 61% of the respondents said their organizations had more than 1,000 user endpoints, while 5% claimed to have 100,000 or more. And the risk to small businesses is no less real and significant than that facing medium-sized and enterprise-level companies. Per Verizon’s Mobile Security Index 2019, 88% of firms with 500 or fewer workers acknowledged that endpoint security was a serious hazard to their operations, and that it will only get worse.

EDR to the Rescue

EDR solutions emerged as a means of addressing the security issues created by increase in endpoints, IoT-relate or not. They are deployed according to the software-as-a-service model. Rather than continuously scanning the network and its various interconnected viruses for clear signatures of malware, EDR tools monitor user behaviors, looking for actions and operations that are out of the ordinary. This is sometimes referred to as “suspicious activity validation.”

The best EDR tools perform all of the classic functions of their cybersecurity predecessors, but leverage new methods to do so, including the use of artificial intelligence and machine learning. Furthermore, they are not limited to checking for conventional signatures to look for signs of potential malware intrusions; they also examine URLs, IP addresses, file hashes, and other data points.

How EDR from Syxsense Keeps you Protected

Cyber-attackers are not exactly the kind of folks who will limit their intrusions to business hours. Whatever they are up to—from monetary gain to state-sponsored intrusion—bad actors are always on the lookout for weak spots to take advantage of. IoT endpoints are among their favorites. Your organization deserves an EDR solution that is as constantly active—and aggressive—as cybercriminals are.

Syxsense Secure and Manage both provide enterprise users with the sort of always-on protection that is necessary to mitigate the broad spectrum of cybersecurity threats out there today. By allowing for comprehensive and real-time visibility into all endpoint activity, reporting on device inventory, quickly quarantining detected threats, and automatically patching all of your devices—be they Windows, Mac, or Linux—Syxsense solutions represent an efficient and meticulous approach to information-security needs.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

Endpoint Security 2020: What You Need to Know

By Patch ManagementNo Comments

Endpoint Security 2020: What You Need to Know

Endpoint security and cybersecurity need to become a top priority in your enterprise’s business plans in 2020 and beyond.
[vc_empty_space]
[vc_single_image image=”35956″ img_size=”full”]

The Challenge of Endpoint Security

From all accounts, dealing with endpoint security is only going to get harder. In fact, according to an article on SolutionsReview, by Ben Canner, it “looks poised to become more complex” in 2020. What new elements can make it even more challenging to implement?

For one, organizations must adapt to the increasing complexity of hackers and their cyberattacks in 2020. Hackers never sleep; instead, they continually work to improve their cyberattacks, constantly evolving the threat landscape. Therefore, “your business must deploy an endpoint security solution that can keep up with this deluge of malware,” explains Canner.

What’s more, companies must adapt to the changing technological landscape when considering cybersecurity. Different devices and network connections require different endpoint capabilities to protect them. “After all,” writes Canner, “the threats facing these new technologies won’t resemble the threats of the past.”

Louis Columbus, writing on Forbes, goes even further, suggesting that protecting endpoints will be paramount in the future. “Attacking endpoints with AI, bots, and machine learning is gaining momentum with cybercriminals today with no signs of slowing down into 2020, making endpoint security a must-have cybersecurity goal for next year.”

Cyberattacks are Getting More Sophisticated

Cyberattacks are growing more complex and difficult to prevent, and this will only accelerate in the future, thus making endpoint security a top goal in 2020. Cybercriminals, he explains, are using structured and unstructured machine learning algorithms to hack organizations’ endpoints with increasing frequency. “Endpoint attacks and their levels of complexity will accelerate as cybercriminals gain greater mastery of these techniques,” he notes.

Simple economics come into play, as well. Some sources say that cybercrime costs the global economy $400-plus billion a year, with the cost of an average data breach expected to exceed $150 million by 2020. The cost of cybercrime will continue to increase as more businesses and consumers migrate to the cloud, notes an article on World Wide Technology.

In response to all of this, observes Columbus, endpoint protection providers are adopting machine learning-based detection and response technologies; providing more cloud-native solutions that can scale across a broader range of endpoints; and designing in greater persistence and resilience for each endpoint.

He also points to a recent IDC survey, Do You Think Your Endpoint Security Strategy Is Up to Scratch?, which says that “companies should seek to build resilience—on the assumption that breaches are inevitable—and look for ‘security by design’ features that facilitate or automate detection and recovery.” IDC surveyed 500 senior security executives globally.

Protect Your Organization from Threats

WWT suggests that “the easiest way to examine endpoint protection solutions is to look at those designed to secure endpoints before an attack versus those focused on containing a breach after an attack. An endpoint protection suite (EPS) covers the window of compromise between vulnerability and breach and is the best defense before a breach occurs. This suite will deliver the critical security components, while providing security intelligence, operational availability and maximising business productivity.”

Another survey, this one from SANS, shows that, while conventional devices such as desktops and servers represent the largest segment of endpoints connected to the network, come 2020 and beyond, the number and variety of endpoints will grow quickly. “Building security and control system devices are being gathered under the umbrella of endpoint management, and business needs are driving the inclusion of both employer-owned and employee-owned mobile devices,” SANS reports.

Organizations are still being compromised, it says, with the primary target data being logins, access control, and sensitive information. Accordingly, the most common device targets will be desktops, laptops, and servers, since they are most likely to contain that kind of information. Regarding the future: “As mobile devices become more prevalent on company networks, these devices are likely to become targets more often.”

How to Manage Endpoint Security in 2020

What needs to change in 2020, according to the IDC research, is that many organizations must manage endpoint security strategically, have an inconsistent approach across different endpoint types, and begin to fully comprehend the risks associated with all endpoints.

Not doing so “results in inadequacies in processes and procedures, such as failing to include security capabilities in endpoint procurement requirements or retaining legacy devices even after they are found to have intrinsic security vulnerabilities,” IDC writes.

Organizations, in the coming years, need to understand that when acquiring new devices, security must be a primary consideration, after factors such as cost and performance. “What organizations fail to appreciate,” states IDC, “is that once an endpoint has been compromised and provided an entry point to their network, the cost and damage to the business can be far greater than the savings they made or gains they achieved.”

So, what are some of the issues to be on the lookout for as we begin the ‘20s in a couple of months? The IDC research offers up these:

[ultimate_icon_list icon_size=”20″ icon_margin=”10″][ultimate_icon_list_item icon=”fas fa-check-circle” icon_color=”#da4453″ content_font_style=”font-weight:bold;”]Threats to endpoints come at all levels (firmware, BIOS, OS, application layer)[/ultimate_icon_list_item][ultimate_icon_list_item icon=”fas fa-check-circle” icon_color=”#da4453″ content_font_style=”font-weight:bold;”]Firmware-level malware infections threaten all endpoints from PCs to printers[/ultimate_icon_list_item][ultimate_icon_list_item icon=”fas fa-check-circle” icon_color=”#da4453″ content_font_style=”font-weight:bold;”]Intrinsically vulnerable devices should be retired according to strictly enforced policy[/ultimate_icon_list_item][ultimate_icon_list_item icon=”fas fa-check-circle” icon_color=”#da4453″ content_font_style=”font-weight:bold;”]Start with good security hygiene across PCs and printers[/ultimate_icon_list_item][ultimate_icon_list_item icon=”fas fa-check-circle” icon_color=”#da4453″ content_font_style=”font-weight:bold;”]Incorporate endpoint security within overall cybersecurity strategy and ensure you remain up to date with threat trends[/ultimate_icon_list_item][ultimate_icon_list_item icon=”fas fa-check-circle” icon_color=”#da4453″ content_font_style=”font-weight:bold;”]Include all endpoints equally in the endpoint security plan, not just PCs.[/ultimate_icon_list_item][/ultimate_icon_list]

What Will Threaten Endpoint Security in 2020?

Finally, Solution Review’s Canner list some specific examples of what can threaten endpoint security in 2020:

Internet of Things (IoT): The IoT market continues to grow as more enterprises incorporate it into their networks. IoT attacks look to grow exponentially over the next year. In 2019 alone, endpoint security provider F-Secure found threats to IoT devices increased by 300 percent. Given the reality of IoT devices, next-generation endpoint security can help protect these devices in 2020. In fact, modern endpoint security can help you discover IoT devices which may otherwise become blind spots in your network.

Proliferation of Mobile Device: According to Verizon’s Mobile Security Index 2019, mobile device security threats grow faster than any other. Of course, mobile devices not only proliferate in enterprise IT infrastructures—they thrive. Bring-your-own-devices cultures (BYOD) have become popular in businesses of all sizes. Endpoint security must be ready for all of this in 2020.

Ransomware, Fileless Malware, and Other Penetrative Threats: Malware continues to plague enterprises, even as cybersecurity focuses on identity-based attacks. Ransomware, Fileless Malware, Cryptocurrency Mining, and other threats could damage your business processes and your long-term reputation.

New Year, New Priorities

Endpoint security and cybersecurity overall need to become a priority in your enterprise’s business plans. Cybersecurity doesn’t just protect your business; it preserves your reputation, reassures your customers, and streamlines your business processes. Without the necessary prioritization which cybersecurity demands, your endpoint security will most likely fail.

Syxsense Manage and Syxsense Secure can easily resolve vulnerabilities across your entire environment. Start the new year with a powerful solution that you can confidently and consistently rely on.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1573147510616{margin-top: 15px !important;}”]