Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 8 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Five on-the-Ground Insights on Implementing Endpoint Security in the Cloud

by The Gurus
May 14, 2018
in This Week's Gurus
safe
Share on FacebookShare on Twitter

Today’s “access-everything-anywhere-anytime” mobile data environment is great news for business productivity and performance but on the flipside it’s also a huge opportunity for cybercriminals. The increasing multitude of endpoints represents an ever-expanding playground in which to develop new ways of infiltrating corporate networks and making off with the digital goods. Malware, ransomware and a rising incidence of fileless attacks all constantly chip away at the perimeter while security pros now have to secure an environment that can comprise thousands of potential attack points. So, it’s not surprising that getting smarter about endpoint security is high on the CISO agenda and we’re seeing many turning to the cloud to cope with the scale and complexity of the task.

At Carbon Black we regularly talk to experienced CISOs who are in different stages of implementing cloud-based endpoint security and we see common threads – some operational, some strategic – running through those conversations. It’s also fascinating how these threads demonstrate the diverse skillset required by today’s CISOs. Here are five key insights that we’ve gleaned that will help anyone moving to cloud-based next generation security:

Before you start – know your data risk

When scoping your endpoint security strategy start by understanding what data is being accessed through your endpoints and its associated risk profile so you can devise an appropriate response in terms of mobile access to that data. This varies depending on the level of regulation in your industry. Linked to this is identifying compliance issues or privacy considerations that must be factored in when increasing endpoint monitoring – particularly if you operate in multiple territories. Having this understanding at the outset means you can devise a system that fits the challenge at hand, avoiding any surprises further down the line.

Layer it up to complement existing systems

Endpoint security has become a priority due to the expansion and increasing vulnerability of the network perimeter. It therefore makes sense to view moving to next generation endpoint security in the cloud as an evolutionary stage in an organisation’s security strategy. CISOs tell us that they see it as an additional layer that enhances their capabilities by delivering far greater real-time intelligence and visibility of the network, allowing them to detect and mitigate more attacks, faster.

At the same time as adding layers, though, they are aiming to keep a rein on the time and resources needed to manage their systems. This means that choosing products with intuitive management consoles and straightforward reporting is a key priority.

Balance security and system performance

For all that a breach in security could bring an organisation to its knees, try persuading users to tolerate any kind of slow-down in system performance and you’ll soon face a people’s revolt. The vast processing power of the cloud takes away the burden from on-premise systems and ensures that there is no user-detectable impact on performance. For CISOs this is one of the most important pillars in building the business case for moving endpoint security to the cloud.

People are your biggest security weakness – change management is crucial

Speaking of user impact, as employees become increasingly mobile they need to understand their own responsibility to protect the organisation. This is where, on top of all the other skills that today’s CISOs need, change management enters the mix. It is as much a psychological challenge as an operational one to create a security-conscious culture throughout the business.

As the lines between personal and business technology become increasingly blurred this actually represents an opportunity to frame cybersecurity as something that’s important across all aspects of our online lives: a security mindset shouldn’t be something you switch off when you leave the workplace. Education programmes that help users safeguard their home systems as well as the ones they use for work have more resonance and lead to smarter, more secure behaviour across the board, which has got to be a good thing.

Another angle is to make users feel a valued part of security. Explaining what the system is designed to do and how what’s being asked of them – e.g. adopting two-factor authentication – actually protects the network is a great way to create a sense of mission around security. CISOs also favour phased rollout – so users can receive adequate support during the adoption cycle and frustration is reduced.

Bring it to the board

Cybersecurity has shot up the board agenda thanks to a proliferation of high profile ransomware and DDoS attacks and the ever-tightening regulatory environment. Basic generalisations about the threat environment don’t cut it with the board anymore as directors want to know to what degree their business is under attack and what management plans to do about it.

CISOs are finding themselves more frequently invited to present to the board and this is a great opportunity to secure ongoing buy-in for endpoint security. Boards are motivated by understanding risk, so a powerful approach is to use the reporting capabilities of cloud-based security to demonstrate the number of security incidents that the system is encountering and neutralising on an ongoing basis. This offers an overall picture of the threat environment and demonstrates the importance of swift mitigation and forensic analysis of attacks to inform future strategy. With this evidence the board is better-positioned to assess risk in relation to business objectives and it is putting CISOs in a stronger position to bid for budget to protect the business.

There’s no doubt that implementing endpoint security in the cloud requires CISOs to draw on many very different areas of expertise: data management, privacy and compliance, business case building and change management to name just a few. What I take from our conversations is the knowledge that we, as solutions providers, need to support the whole process from start to finish – from the business user to the boardroom. At Carbon Black and we bring our expertise to complement that of our customers, protecting their business and making sure they reap the huge advantages of moving next-generation endpoint security to the cloud.

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweetShare
Previous Post

Compliance comes back into focus

Next Post

Users Warned of Critical PGP Email Encryption Security Flaw

Recent News

Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato SASE Cloud Named “Leader” and “Outperformer” in GigaOm Radar Report for SD-WAN

February 7, 2023
AT&T Cybersecurity grows SASE offering by adding Palo Alto Networks

UK second most targeted nation behind America for Ransomware

February 7, 2023
safe

Will Emphasising App Security Lead to More App Installs?

February 6, 2023
Phone with app store open

$400,000 Fine for Stalkerware App Developer

February 6, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information