Page 7 - Cyber Defense eMagazine - May 2018
As a result, the second most important driver for enhancing the company’s
cybersecurity posture is also speed-related: faster detection and response capabilities
are mentioned by almost half of those surveyed, immediately below improving data
protection (51%). EDR tools that don’t have priority- or severity-based alert filtering
mechanisms can slow the detection of and response to real threats, as they may
send IT and security staff on investigation paths that either lead nowhere or are trivial.
EDR alerts should not be about the sheer number of triggered alerts, but about
intelligent, reliable, and meaningful alerts with a high probability of pointing to a real
threat. Traditional EDR tools may seem like a security enabler, but without dedicated
and staffed SOC teams, they may either hinder the organization’s security capabilities
or make no significant contribution to the overall security posture.
Timely detection of data breaches directly affects organizations in a positive way, as
incident response procedures can be immediately triggered to contain, mitigate, and
prevent full-blown security incidents that could otherwise financially affect the
organization. Zeroing in on potential security breaches as they occur makes a world of
difference between business continuity and irreparable financial or reputational
damage.
Otherwise, the damage caused by a data breach can grow the longer the breach
is present in an organization’s infrastructure. Failure to detect a breach as it occurs may
lead to full infrastructure compromise, irreversible data loss, and financial repercussions
from which some companies may never recover. With attacks becoming more
sophisticated, advanced, and pervasive, companies are left vulnerable by the traditional
set-and-forget security model, in which organizations and businesses acquire but don’t
continuously manage security tools or update incident response plans. The true power
of an effective security posture lies in a layered security defense, augmented by
next-generation detection and response tools that accurately nail potential data breaches as
they occur. Perhaps the biggest damage organizations cannot afford is a lack of the
right security tools.
Takeaways
When considering EDR solutions, Bitdefender security specialists strongly advise
enterprise CISOs to consider the importance and value of an integrated
prevent-detect-investigate-respond-evolve approach to endpoint security: