The worst of the pandemic may be behind us, but we continue to be impacted by it. School-aged kids are trying to catch up academically and socially after two years of disruption. Air travel is a mess. And all businesses have seen a spike in cyberattacks. Cyber threats increased by 81% while COVID-19 was at its peak, with 79% of all organizations experiencing a loss of business operations during that time.

The risk of cyberattacks increased so much that the FBI put out warnings, calling the rise in attacks and malicious activities unprecedented. In its 2021 Internet Crime Report, the FBI revealed that it received record numbers of complaints to the Internet Crime Complaint Center (IC3).

“Among the 2021 complaints received, ransomware, business email compromise (BEC) schemes and the criminal use of cryptocurrency are among the top incidents reported,” the report stated. Phishing and its counterparts of vishing and smishing were the most popular attack vectors.

Remote work and the hybrid office have played a role in increasing cyberattacks. Employees need to be connected to the cloud and corporate network resources, but they are no longer protected by the organization’s on-premises security system. Also, personal device use is generally more accepted, and this increased use of Bring Your Own Device (BYOD) has added even more complexity to overall protection.

Threat actors are taking advantage of this new normal in the workplace. They know that most employees can no longer just ask the person in the next cubicle if they sent that email with the strange attachment and that security teams have modified their interactions with staff. Phishing and other cyberattacks are going to keep increasing until organizations address threat management — including mobile threat management — and endpoint security.

How Threat Management is Changing

Traditional threat management systems were more like building blocks. You had what you needed and built on it. Most organizations traditionally have endpoint security and threat management tools, such as firewalls, antivirus software and VPNs. Because security challenges are constantly shifting, you need to add to your existing system to increase the level of protection, which can bust security budgets. New tools must be purchased, and then these new tools need to be installed, integrated with the rest of the system and tested before they are deployed.

Perhaps pre-COVID systems were effective when everyone worked together in buildings tightly controlled by the IT team, and strict policies surrounding BYOD and shadow IT were easier to monitor and enforce. But that type of IT and security structure is never coming back.

Employees are coming into the network from all over the place — not only from remote locations but also from an array of devices. With the increased cyber threats and workload in IT departments, companies can no longer afford to have multiple apps for device management, security management and integrations with other providers. Instead, threat management capabilities for mobile and traditional endpoints should be integral to a modern, complete Unified Endpoint Management (UEM) solution.

Why Turn to UEM

UEM brings the management, monitoring and security of disparate endpoints into a single console or a single-pane-of-glass interface. It includes everything within the network, no matter the operating system, location or type of device — including IoT devices.

A UEM system should offer the following functionalities:

  • Push updates to all devices connected to the system
  • Easy interface to manage both traditional desktop devices and any mobile device
  • Remote wipe features to protect data if the device is lost, stolen or otherwise compromised
  • BYOD devices that can be easily added and updated
  • Application and device management.

UEM builds on other management systems, like mobile device management (MDM), mobile application management (MAM) and enterprise mobility management (EMM). But these management tools are much more specific:

  • MDM focuses exclusively on the features allowed on mobile devices
  • MAM is designed to take a more holistic view of mobile devices to include both corporate and personal application management
  • EMM offers security and management of corporate devices including laptops and desktops as well as smartphones and tablets.

UEM in Threat Management

Device management is fragmented. Information is fragmented. All this fragmentation leads to blind spots in security; it is impossible to see or find everything since it is coming from hundreds of endpoints in dozens of locations. The inability to see and protect data, devices and the network increases the risks of a cyberattack and decreases the ability to respond to and mitigate threats.

UEM brings visibility across all devices, enhancing security management. It’s now possible to set security policies for every device, including patch management, OS updates or identity/privilege management.

A lack of solid threat management across the entire infrastructure puts compliance at risk. UEM offers the security needed, especially in the mobile environment, to ensure that users remain compliant with industry and government regulatory requirements on all of their devices.

Finally, threat management requires someone to, well, actually manage devices and networks to harden them from potential cyberattacks. A large enterprise may have staff onsite to protect a hybrid workforce and hundreds of endpoints, but SMBs likely do not.

Issues like the skills shortage and burnout of security professionals limit what staff can do to protect the organization and its endpoints. A UEM solution like IBM’s MaaS360 is the answer for businesses of any size, but especially SMBs who need a tool that can scale with the growing number of devices, as well as handle all types of management services needed to keep an organization secure.
