News in the Channel - issue #21

ENDPOINT PROTECTION

CONTINUED

“A multi-layered offering helps deal with a whole complex infrastructure to simplify safeguarding endpoints,” he says. “Integrating an endpoint solution and other security tools will help resilience. If you have a dashboard pulling together remote monitoring and management tools, including enterprise-grade EDR capabilities, this will help prevent attacks and respond to threats. Features of an integrated EDR solution should also include offline protection, enhanced quarantine, automated rollback, and behavioural AI engines and machine learning.”

Greg adds EDR has become a necessity. “Traditionally, EDR and threat hunting required highly technical skills, so there is a significant push to make EDR usable by average security personnel in a timely manner,” he says.

Lance Williams, CTO at Distology, adds: “Detection is one thing and response is essential – if you’ve the skills in house to deploy, run and act on alerts generated by an EDR solution, then buy one. If you don’t, then you should consider running the native device security and subscribe to a MSSP or MDR, so that someone else can focus on the D and the R for you but be sure to understand what level of response you’ll get within the service.”

Shift

Karl Wilkinson from Lucid Systems adds there is a shift away from solutions that protect individual entities in an attack and response method towards more sophisticated EDR and XDR (extended detection and response) options. “Ironically, AI has caused significant growth in the volume of threats, yet it can also be used to predict attacks and provide zero-hour protection,” he says. “Along with real-time defences, the latest endpoint protection solutions will look holistically protecting all end points within a network. This means that, as IT consultants, we can rapidly take the proper measures to protect other endpoints in your network from being attacked.”

Pieter VanIperen, Own Company's CISO, agrees that the trend is shifting toward immutable infrastructure, with EDR that combines zero trust, user and entity behaviour analytics, and other signals to stop anything that deviates from what is known. “These EDRs are using AI to help enhance that understanding,” he says. “We are moving beyond countering known threats and are now confronting the unknown. When everything is suspicious, organisations need a means to limit the noise, and so focusing on EDR technology is quintessential for resellers.”

Other trends

Kent adds that another key trend is endpoint security in the cloud. “With the increase in remote work and the adoption of hybrid and multi-cloud environments, the attack surface has expanded, necessitating the need to secure endpoints,” he says. “Integrating endpoint security with cloud platforms provides seamless protection and management across all devices, as well as flexibility and scalability. This trend reflects the need for comprehensive and adaptive security solutions in an increasingly digital and distributed work environment.”

Securing legacy systems and consolidating cybersecurity data are also important, Greg adds. “Alongside cutting-edge technology, there are legacy systems that often run offline and serve singular purposes on outdated hardware,” he says. “These systems need the same level of security as modern ones because they are more vulnerable due to the inability to patch them.

“Also, most organisations aim to consolidate their cybersecurity data to gain a richer, simpler view of what is happening within their business. While security information and event management solutions help with this, they were not designed for this specific purpose. EDR is better suited but often considered as a service due to the continuous maintenance required to understand evolving telemetry and the need for skilled monitoring to define appropriate response strategies.”

Richard Eglon at Nebula Global Services adds that Desktop-as-a-Service where MSPs and cloud service providers are delivering virtual desktops to end user clients is another trend. “This allows companies to centralise their security policies and have more control over their endpoint devices by proactively managing security updates and monitoring AI-enabled threats,” he says.

Role of AI

One of the biggest trends in the market – and biggest threats posed to endpoints – is artificial intelligence (AI). “AI is going to do something we haven't seen in decades,” says Pieter. “There will be truly novel attacks that we have never thought of that will become available to adversaries. And it will take information security a few years to catch up

Rachel Rothwell

MSPs should be highlighting their ability to provide good overall protection for the network and all endpoints from the outset.

Markus Rex

Troels Rasmussen
