Page 6 - Cyber Defense eMagazine - May 2018

As cybercriminals and threat developers shift to sophisticated and more complex threats, such as unknown malware or file-less attacks, to evade traditional solutions, companies have started adding layers of protection that back up the standard EPPs. However, even if stacking multiple solutions like EDR brings stronger security, CISOs still face trouble managing multiple platforms, chasing false alerts and increasing security teams while keeping costs down.

A Bitdefender survey of large companies in the US and Europe shows that most CISOs have difficulties in deploying and maintaining complicated endpoint security architectures. Seventy-two percent of information security professionals admitted that their IT team experienced agent and alert fatigue, and 34 percent of US respondents said their budget could not accommodate infrastructure expansion.

While some companies have started taking steps to defend against advanced attacks by developing SOCs, many still have no internal structure to deal with modern threats. With no SOCs in place, CISOs complain about different security flaws. Sixty-four percent of Americans in companies with no SOC said monitoring activities are one of their toughest challenges.


On top of that, in terms of manpower and time consumption, managing EDR tools is described as difficult or very difficult by half of IT execs. Fifteen percent of US CISOs said it is very difficult to deploy these technologies. Some security professionals who use both protection and detection and response-based security feel they are too noisy. In fact, Bitdefender research uncovered that, of all endpoint alerts triggered by monitoring and response technologies and handled by American security teams, 49 percent are false alarms.

CISOS ARE RUNNING WITH TIED LEGS


Companies that use an EDR solution have acknowledged that a cyberattack can occur at any time, and protection platforms can only address 99 percent of the threats in the wild. EDR tools focus on the last one percent of threats, allowing for much greater fidelity in incident investigations. On average, 82 percent of security professionals in Europe and the US say that reaction time is a key differentiator in mitigating cyberattacks. Across the globe, CISOs point out that time is of the essence mainly when isolating the incident to prevent spreading (68%), identifying how the breach occurs (55%), and evaluating losses and the impact of the breach (51%). Delayed response to a cyber incident can also make it harder to accurately identify the initial time of attack and assess the timeframe (30%), understand the motivation for the cyberattack (19%), or improve the incident response plan for future attempts (17%).





                         Copyright © 2018, Cyber Defense Magazine,  All rights reserved worldwide.