September 1, 2015 By Caleb Barlow

I read an article a few days ago in which the author subtly advocated that organizations should adopt a viewpoint based on fear when it comes to security breaches. The basic subtext was something like, “The cyberattackers are coming — run to your bunker!” The truth of the matter is that, in some ways, he’s right; it’s really not a question of if you will be breached, but when.

In fact, according to the IBM 2015 Cyber Security Intelligence Index, the average organization experienced 2.1 security incidents each week, where an incident is a security event that has been reviewed by IBM analysts and deemed worthy of deeper investigation. The study also showed that the incident-to-attack percentage, where an attack is defined as a security event that’s been identified as malicious activity, is on the rise, with the overall ratio increasing from .65 percent to .91 percent. That means cybercriminals are not only getting more prevalent, they’re also becoming more proficient at what they do.

The cost of a data breach is increasing, as well. A recent study from the Ponemon Institute revealed an average cost of nearly $3.8 million for the companies that participated in the project.

But even with these startling statistics, I’d much rather come from a place of confidence than fear when it comes to cybersecurity.

Choose Confidence, Not Fear

So how do you approach a security strategy with confidence instead of fear? First, you have to look at the facts and know what you’re dealing with. If your organization is like most, you have a diverse mix of devices — desktops, laptops, servers and more — connecting to your corporate data. Moreover, you probably also deal with the reality of having to manage and secure a constantly changing landscape of devices linked to your data, including rogue devices into which you have no visibility and over which you have no control. That means you can’t quickly identify and respond to threats before widespread damage can occur.

Another potential problem is that in many organizations, IT security creates the endpoint policies while IT operations implements them. That means every new handoff, tool and process between the two teams creates an additional opportunity for out-of-compliance endpoints that can be breached.

It sounds like a scary scenario since every noncompliant endpoint on your system is a potential window into which a cyber burglar can climb. And managing and securing all those endpoints can seem like an overwhelming task.

But overwhelming doesn’t mean impossible, and it doesn’t even have to mean scary. A well-thought-out approach to cybersecurity based on confidence — instead of fear — needs to focus on managing and securing endpoints before, during and after a potential breach.

What to Do With Your Endpoint Security

Before

Clearly, the best protection against threats is to discover and quarantine them before damage is inflicted across the network. This requires intelligence to monitor and report on the status of every endpoint, regardless of type or location, in real time. Any endpoint found to be out of compliance should be automatically remediated and made compliant or quarantined completely before it can infect the broader network.

During

Security teams are overwhelmed by an influx of vulnerabilities and lack the contextual data to help them prioritize the greatest threats, making it possible for months to pass between the discovery of a vulnerability and the application of a patch. To effectively cut through the noise of millions of security events, companies need to use analytics-based solutions to assess and display vulnerabilities by threat level.

After

Once a vulnerability is discovered, action needs to be taken quickly on all endpoints, both on and off the network. Any noncompliant or infected endpoints need to be isolated until remediation is complete. The No. 1 factor that helps reduce the cost of a data breach is having an effective response strategy in place, according to the Ponemon study. With real-time, automated processes, endpoints can be disinfected in minutes.

Managing Endpoint Security

A well-structured endpoint security strategy needs to recognize that endpoints provide criminals with entry into an organization’s most valued data and understand that managing and securing those endpoints is critical. Now you can approach this security from a place of confidence — not fear — with IBM BigFix.

IBM BigFix gives you the visibility and control to quickly detect and respond to cyberthreats at every stage and across all endpoints. IBM BigFix:

  • Monitors and secures every endpoint — on and off the corporate network — before, during and after an attack;
  • Delivers real-time situational awareness and incident response across endpoints to mitigate damage;
  • Protects an ever-increasing number of endpoints, letting you manage and secure up to 250,000 of them from a single server — whether they’re connected to your network or not;
  • Gives you advanced protection against malware from the moment a threat is released until security patches are in place;
  • Bridges the endpoint gap between IT ops and security to reduce operational costs while improving security posture.
