Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Faced with an intensification of cybercrime, cybersecurity has become a dominant concern for companies in recent years. IT managers are starting to realize that their security architecture must be able to adapt to constant changes if they want to stay ahead of the game. Let’s explore how real the threats are and what effective systems should be put in place to discourage them.
Cyberthreats: What is your organization risking?
According to the U.S. Chamber of Commerce, there are 31.7 million small businesses in America, accounting for 99.9% of all U.S. businesses. As cyberattack threats are on the rise, 88% of small business owners admit they are vulnerable and are concerned about what solutions are available at affordable costs. Recent headlines clearly show that cyberattacks affect all organizations without discrimination, regardless of their sector or size. In fact, global cybercrime costs continue to climb and are expected to reach $10.5 trillion by 2025, according to predictions by the 2022 Cybersecurity Almanac.
Beyond the frequency, cyberattacks are also getting more complex. Helped by technology, cybercriminals are developing threats capable of entering systems through multiple entry points, making detection more difficult and the chance of the threats succeeding higher.
This all leads to the conclusion that detection and response solutions focusing exclusively on desktops are no longer sufficient to guarantee optimal protection for an organization.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
XDR: The future of cybersecurity?
Born from EDR (endpoint detection and response), the XDR (extended detection and response) ecosystem offers to go even further by consolidating several products within a single incident detection and response platform. This cross-infrastructure capability is the common denominator of XDR, which at this stage stands out as an optimal solution for preventing cyberattacks.
Fully automated, this system replaces the detection and investigation processes previously carried out manually by internal resources. Due to its “extensive” nature, an XDR interface can analyze and detect multiple security vectors — such as network, cloud, messaging and other third-party security points.
This ability to provide a single pane of glass automates much of the diagnosis and decision-making for the people concerned by relieving them of time-consuming and administrative tasks.
While XDR is well and truly within the reach of any organization, realizing its full benefits depends on the organization’s cybersecurity maturity. Organizations that do not have the resources (software or human) are likely to benefit quite obviously from such a solution. Mid- to high-maturity cybersecurity organizations, on the other hand, who may already have the resources, will see a benefit in the automation of making sense of the data, leaving the people free to further mitigate threats.
What to look for in an XDR vendor
Ultimately, any company that plans to equip itself with an XDR interface seeks to maximize its operational efficiency by reducing the risks impacting the company’s security. When evaluating XDR suppliers, it is then necessary to check whether the proposed solutions allow:
- More accurate detection, leading to more accurate prevention.
- Better adaptability to the evolution of technologies and infrastructures.
- Fewer blind spots and better overview.
- Faster detection time or mean time-to-detection (MTTD).
- Faster time to remediate or mean time-to-respond (MTTR).
- Faster and more accurate investigations (fewer false positives) for greater control across the entire IT infrastructure.
When assessing vendors, look under the hood and ask questions. Ask, for example, whether data from all separate vectors have been automatically assessed and triaged, and whether or not the system provides meaningful and actionable next steps. Ultimately, it is essential to partner with a firm that will help your company stay one step ahead of the competition and properly arm it against new emerging threats.
Aparna Rayasam is chief product officer at Trellix.