With the several cyber-attacks happening on the endpoint devices of various organisations, cybersecurity experts have begged these organisations to improve their endpoint security.
Client solution director, Dell EMC, Chris Buchanan revealed that more than ninety-three per cent of attacks happen on the endpoint, so it has to be the main focus in safeguarding the data. He said, “Organisations that ignore the endpoint do so at their peril.”
He disclosed that the organisations do not really know how vital their data is and the consequences that will arise if it is breached. His words, “Of even more concern is that, on average, it takes organisations over 100 days to discover a data breach, meaning cybercriminals have had months to rifle through a business’s systems.”
Chris noted that safeguarding the organisation’s data is not only proper business practice, but it also helps to keep their reputation intact. “Most people would not do business with an organisation that has a reputation for sharing their personal information. That is why encrypting sensitive data is a critical first step.”
Buchanan added that organisations always think they are protected if they own an anti-virus solution but, “Unfortunately, that is no longer true. Traditional anti-virus products are only able to address half the virus threats out there, and are not equipped to fight zero-day attacks at all.”
Agreeing with Chris on endpoint weakness, MD, Serianu, William Makatiani, also said that fresher attacks such as ransomware and phishing are actually increasing.
His words, “Endpoint security has become so critical in the fight against cyber-attacks because cybercriminals have identified end-users as the weakest link. It is much easier to successfully attack and infect multiple end-users than it is to attack a critical server. End users also seem to ignore basic cyber hygiene – hence the attractiveness.
“Simple, secure every single device and continuously monitor to ensure the expected secure profile is maintained. The challenge is the ability to get end users to adhere to the required security profile. As such continuous monitoring and exclusion of infected devices helps to reduce infection.
“Always use technology to scan/review the security posture of end-user devices before allowing them to access critical organisational data. There newer technologies that can be used to prevent/detect/isolate insecure endpoints.”
On how internet service providers (ISPs) can partake in the battle against cyber-attacks, Williams shared a few ways to make that happen.
He shared, “The first obvious role is continuous monitoring of the big pipes that deliver internet to organizations and individuals. Since they control these pipes and most attacks can be detected at the pipe level. It is possible to monitor ISP traffic and detect abnormal activities or traffic.
“ISP’s have a role to play in the general user awareness which increases user alertness.
“ISP can provide cheaper solutions as part of their provision of connectivity to their customers. Most cybersecurity solutions are expensive when purchased independently but a service provider this can be reduced.”
On the next step for organisations to take for endpoint security, Buchanan revealed, “To protect the company’s data, a data-centric encryption product that can be audited and managed centrally is much less intrusive, faster and easier to manage than the traditional full-disk encryption solutions.
“To protect against modern threats and attacks, a threat defence anti-virus should replace the traditional anti-virus solution.”