SlideShare a Scribd company logo

Maturing Endpoint Security: 5 Key Considerations

Sirius, profile picture
Sirius

The document discusses the importance of maturing endpoint security strategies to combat the increasing sophistication of cyber threats. It outlines five key considerations for organizations to improve their security posture, including assessing current capabilities, ensuring comprehensive protection, centralizing management, streamlining incident response, and bolstering security awareness. Additionally, it highlights the need for advanced detection and response tools, and the role of human behavior in security vulnerabilities.

Technology
Related topics:
Data SecurityMobile Security InsightsCloud Computing Insights Computer Security Information Security
1 of 29
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
MATURING ENDPOINT SECURITY 5 KEY CONSIDERATIONS
www.forsythe.com Forsythe is a leading enterprise IT company, providing advisory services, security, hosting and technology solutions for Fortune 1000 organizations. Forsythe helps clients optimize, modernize and innovate their IT to become agile, secure, digital businesses. Sponsored by
Maturing Endpoint Security: 5 Key Considerations
Ask yourself: a) Very confident b) Somewhat confident c) Not at all confident HOW CONFIDENT ARE YOU IN YOUR ORGANIZATION’S ABILITY TO DETECT AND RESPOND TO MODERN THREATS?
THE AGGRESSIVENESS AND SOPHISTICATION OF CYBER ATTACKS HAS INCREASED; DEFENSIVE CAPABILITIES ARE NOT KEEPING UP Sources: Gemalto 2016 Breach Level Index, FireEye 2017 M-Trends Report 1.4 billion data records were compromised during 2016, an increase of 86 percent over 2015 Global median time from compromise to discovery in 2016 was 99 days
Source: Verizon 2016 Data Breach Investigations Report USERS AND USER DEVICES REPRESENT THE LARGEST AND FASTEST-GROWING TARGET GROUP Server User Device Person Media Kiosk/Terminal Network2009 2010 2011 2012 2013 2014 2015 0% 10% 20% 30% 40% 50% Percent of breaches per asset category over time
NO MATTER WHAT TECHNOLOGY WE PUT IN PLACE, NO MATTER HOW MUCH MONEY WE SPEND ON PROTECTIONS FOR THE ORGANIZATION, WE STILL HAVE PEOPLE, AND PEOPLE ARE FALLIBLE. — Theodore Kobus, Baker & Hostetler, Privacy and Data Protection
ENDPOINT SECURITY IS THE FRONT LINE IN THE FIGHT AGAINST CYBER ATTACKS
Ask yourself: a) Less than 5 b) More than 5 c) Not sure HOW MANY ENDPOINT SECURITY AGENTS IS YOUR TEAM CURRENTLY MONITORING?
Source: Forrester Mastering the Endpoint, March 2017 On average, organizations are monitoring 10 different security agents… …and swiveling between at least 5 different interfaces to investigate and remediate incidents
Forrester Business Technographics Security Survey, Q3 2016 MANY ORGANIZATIONS STILL RELY HEAVILY ON SIGNATURE-BASED SOLUTIONS 55% 53% 63% 80%
THE BOTTOM LINE: ORGANIZATIONS NEED TO ENHANCE PREVENTION METHODS ON THE ENDPOINT AND ADD THE ABILITY TO DETECT AND RESPOND TO EMERGING THREATS
BY 2020, 80% OF LARGE ENTERPRISES, 25% OF MIDSIZE ORGANIZATIONS AND 10% OF SMALL ORGANIZATIONS WILL HAVE INVESTED IN EDR CAPABILITIES. — Gartner Market Guide for Endpoint Detection and Response Solutions, 30 November, 2016
ENDPOINT SECURITY USE CASES Facilitate the prevention of attacks by stopping endpoints from executing malicious files and processes, and/or connecting to malicious domains and URLs. Some tools can also remove malicious files, and isolate infected endpoints from the network. Search for and identify advanced attacks or malware processes in real-time through proactive hunting for malicious activity. This can include activity scoring, and both rule-based and threat-intelligence- based detection. This use case is typically for organizations with mature security programs. Continuous monitoring of endpoints to understand what executables are running, what activities users and/or endpoints are engaging in or have engaged in, the current state of endpoints, etc. Analysts can use recorded information to establish trends and patterns of activities to learn what’s normal, and what’s not. Provide a platform to document, analyze, contain, disrupt and/or remediate incidents. Provide history of activity, connections and actions. Conduct historical searches, and scan systems for known artifacts derived from threat intelligence and past investigations. Prevent or alert on unauthorized changes to endpoint configurations/installations. Maintain standard or “Gold” images in order to prevent the need to reimage. Enhance patch management by preventing vulnerabilities from being exploited before organizations have a chance to deploy patches. Incident Investigation/ Response Management Prevention Threat Hunting/ Detection Monitoring/ Visibility
FINDING THE RIGHT FIT There are numerous EDR solutions to choose from, as well as next-generation endpoint security solutions from EPP providers that incorporate EDR capabilities.
5 KEYS TO MATURING YOUR ENDPOINT STRATEGY
Organizations need to evaluate their current capabilities before they can advance their programs ONE GAUGE YOUR MATURITY
Initial Processes unorganized; not repeatable or scalable Repeatable Basic program and policies established; success can be repeated Defined Program and policies formalized and updated in last 24 months Managed Program formalized, up to date and functioning; CISO in place Optimized Model security program around all endpoints; designed to anticipate change ENDPOINT SECURITY MATURITY MODEL
Ask yourself: a) Initial or Repeatable b) Defined or Managed c) Optimized d) Unsure BASED ON THIS MODEL, WHAT WOULD YOU GUESS YOUR ORGANIZATION’S MATURITY TO BE?
No single solution can keep up with today’s sophisticated, emerging threats TWO ENSURE COMPREHENSIVE PROTECTION
COMPREHENSIVE CONTROLS Anti-virus Advanced prevention tools Advanced detection and response tools Additional endpoint security controls • Application controls • Network access controls • Management controls • Port controls • DLP • ERM NEXT-GENERATION ENDPOINT SECURITY
MACHINE LEARNING? Machine learning is one of the year’s hottest technology trends; within the endpoint security space, many companies legitimately claim to do some machine learning, though it’s often not clear what that means, how it works, or even why it is important.
It is impossible to manually manage all of the endpoints on your network; while it’s important to have defense-in-depth, it is equally important to consolidate agents and processes wherever possible THREE CENTRALIZE MANAGEMENT
Too much IT security spending has focused on the prevention of data breaches, and not enough has gone towards preparing for the inevitable FOUR STREAMLINE INCIDENT RESPONSE
Humans are the weakest link in any security strategy; defending against human behavior involves a combination of endpoint security solutions and increased awareness FIVE BOLSTER SECURITY AWARENESS
http://focus.forsythe.com/articles/574/Maturing- Endpoint-Security-5-Key-Considerations CHECK OUT THE ORIGINAL ARTICLE:
http://focus.forsythe.com OR FIND MORE ARTICLES ABOUT BUSINESS AND TECHNOLOGY SOLUTIONS AT FOCUS ONLINE:
Authors: Jose Ferreira Security Strategist, Forsythe Security Solutions Josh Thurston Security Strategist, Office of the CTO, McAfee www.forsythe.com Forsythe is a leading enterprise IT company, providing advisory services, security, hosting and technology solutions for Fortune 1000 organizations. Forsythe helps clients optimize, modernize and innovate their IT to become agile, secure, digital businesses.
Maturing Endpoint Security: 5 Key Considerations

More Related Content

PDF
What Is Next-Generation Endpoint Security and Why Do You Need It?
Priyanka Aash
 
PDF
IDC Security 2014, Endpoint Security in Depth
Ken Tulegenov
 
PPTX
What is Next-Generation Antivirus?
Ryan G. Murphy
 
PPTX
Malware evolution and Endpoint Detection and Response
Adrian Guthrie
 
PPTX
NextGen Endpoint Security for Dummies
Atif Ghauri
 
PDF
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Priyanka Aash
 
PDF
Cloud Breach – Preparation and Response
Priyanka Aash
 
PDF
Evidence-Based Security: The New Top Five Controls
Priyanka Aash
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
Priyanka Aash
 
IDC Security 2014, Endpoint Security in Depth
Ken Tulegenov
 
What is Next-Generation Antivirus?
Ryan G. Murphy
 
Malware evolution and Endpoint Detection and Response
Adrian Guthrie
 
NextGen Endpoint Security for Dummies
Atif Ghauri
 
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Priyanka Aash
 
Cloud Breach – Preparation and Response
Priyanka Aash
 
Evidence-Based Security: The New Top Five Controls
Priyanka Aash
 

What's hot (20)

PDF
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
Kaspersky
 
PPTX
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk
Andrew Gerber
 
PDF
The Critical Security Controls and the StealthWatch System
Lancope, Inc.
 
PDF
Carbon Black Corporate Overview 2016
Exclusive Networks ME
 
PDF
Building a World-Class Proactive Integrated Security and Network Ops Center
Priyanka Aash
 
PDF
How To Avoid The Top Ten Software Security Flaws
Priyanka Aash
 
PDF
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
PDF
Implementing An Automated Incident Response Architecture
Priyanka Aash
 
PDF
Wfh security risks - Ed Adams, President, Security Innovation
Priyanka Aash
 
PPTX
Security operation center (SOC)
Ahmed Ayman
 
PPTX
IT Cyber Security Operations
Napier University
 
PPTX
7 Steps to Build a SOC with Limited Resources
LogRhythm
 
PPTX
Endpoint Modeling 101 - A New Approach to Endpoint Security
Observable Networks
 
PPTX
RSA 2016 Security Analytics Presentation
Anton Chuvakin
 
PPTX
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
PDF
From IT to IoT: Bridging the Growing Cybersecurity Divide
Priyanka Aash
 
PPTX
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
PDF
Achieving Defendable Architectures Via Threat Driven Methodologies
Priyanka Aash
 
PDF
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
PPTX
Five SIEM Futures (2012)
Anton Chuvakin
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
Kaspersky
 
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk
Andrew Gerber
 
The Critical Security Controls and the StealthWatch System
Lancope, Inc.
 
Carbon Black Corporate Overview 2016
Exclusive Networks ME
 
Building a World-Class Proactive Integrated Security and Network Ops Center
Priyanka Aash
 
How To Avoid The Top Ten Software Security Flaws
Priyanka Aash
 
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
Implementing An Automated Incident Response Architecture
Priyanka Aash
 
Wfh security risks - Ed Adams, President, Security Innovation
Priyanka Aash
 
Security operation center (SOC)
Ahmed Ayman
 
IT Cyber Security Operations
Napier University
 
7 Steps to Build a SOC with Limited Resources
LogRhythm
 
Endpoint Modeling 101 - A New Approach to Endpoint Security
Observable Networks
 
RSA 2016 Security Analytics Presentation
Anton Chuvakin
 
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
From IT to IoT: Bridging the Growing Cybersecurity Divide
Priyanka Aash
 
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
Achieving Defendable Architectures Via Threat Driven Methodologies
Priyanka Aash
 
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Five SIEM Futures (2012)
Anton Chuvakin
 
Ad

Similar to Maturing Endpoint Security: 5 Key Considerations (20)

PDF
Carbon Black: 32 Security Experts on Changing Endpoint Security - Quotes from...
Mighty Guides, Inc.
 
PDF
Carbon Black: Justifying the Value of Endpoint Security
Mighty Guides, Inc.
 
PPTX
Protecting endpoints from targeted attacks
AppSense
 
PDF
Carbon Black: 32 Security Experts on Changing Endpoint Security
Mighty Guides, Inc.
 
PPTX
Select and Implement a Next Generation Endpoint Protection Solution
Info-Tech Research Group
 
PDF
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
PDF
Endpoint Protection Best Practices - Eflot
yams12611
 
PDF
CounterTack: 10 Experts on Active Threat Management
Mighty Guides, Inc.
 
PDF
What is Endpoint Security presentation download
Rosy G
 
PDF
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Mighty Guides, Inc.
 
PDF
The Endpoint Security Paradox
Symantec
 
PPT
Top Tactics For Endpoint Security
Ben Rothke
 
PPTX
Endpoint Security Pres.pptx
NBBNOC
 
PDF
Why Endpoint Security is Important for Your Business .
kandrasupriya99
 
PDF
You Can't Stop The Breach Without Prevention And Detection
CrowdStrike
 
PPTX
Understanding Endpoint Security in a SOC
wininlifeacademy5
 
PPTX
Endpoint Security of database, data file, and information
SamuelDare7
 
PDF
Why Endpoint Security is Important for Your Business.
kandrasupriya99
 
PPTX
It's Time to Rethink Your Endpoint Strategy
Lumension
 
PPT
Info Sec2007 End Point Final
Ben Rothke
 
Carbon Black: 32 Security Experts on Changing Endpoint Security - Quotes from...
Mighty Guides, Inc.
 
Carbon Black: Justifying the Value of Endpoint Security
Mighty Guides, Inc.
 
Protecting endpoints from targeted attacks
AppSense
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
Mighty Guides, Inc.
 
Select and Implement a Next Generation Endpoint Protection Solution
Info-Tech Research Group
 
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
Endpoint Protection Best Practices - Eflot
yams12611
 
CounterTack: 10 Experts on Active Threat Management
Mighty Guides, Inc.
 
What is Endpoint Security presentation download
Rosy G
 
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Mighty Guides, Inc.
 
The Endpoint Security Paradox
Symantec
 
Top Tactics For Endpoint Security
Ben Rothke
 
Endpoint Security Pres.pptx
NBBNOC
 
Why Endpoint Security is Important for Your Business .
kandrasupriya99
 
You Can't Stop The Breach Without Prevention And Detection
CrowdStrike
 
Understanding Endpoint Security in a SOC
wininlifeacademy5
 
Endpoint Security of database, data file, and information
SamuelDare7
 
Why Endpoint Security is Important for Your Business.
kandrasupriya99
 
It's Time to Rethink Your Endpoint Strategy
Lumension
 
Info Sec2007 End Point Final
Ben Rothke
 
Ad

More from Sirius (20)

PDF
Healthcare Cybersecurity Survey 2018 - Sirius
Sirius
 
PPTX
6 Guidelines on Crafting a Charter for your Business Transformation
Sirius
 
PPTX
Exhaust into Fuel: Turning Data into a Strategic Business Asset
Sirius
 
PPTX
3 Keys to Web Application Security
Sirius
 
PPTX
Best Practices for Multi-Factor Authentication: Delivering Stronger Security ...
Sirius
 
PPTX
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Sirius
 
PPTX
Optimizing Security Operations: 5 Keys to Success
Sirius
 
PPTX
Keep Calm and Comply: 3 Keys to GDPR Success
Sirius
 
PPTX
Beyond backup to intelligent data management
Sirius
 
PPTX
Making the Jump to Hyperconvergence: Don't Get Left Behind
Sirius
 
PPTX
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Sirius
 
PPTX
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Sirius
 
PPTX
6 Ways to Deceive Cyber Attackers
Sirius
 
PPTX
Your Cloud Strategy: Evolution or Revolution
Sirius
 
PPTX
Open Source, Open Mindset: 4 Keys to Continuous Cloud Transformation
Sirius
 
PPTX
7 Essential Services Every Data Center Solutions Provider Should Have
Sirius
 
PPTX
10 Keys to Data-Centric Security
Sirius
 
PPTX
5 Keys to Addressing Insider Threats
Sirius
 
PPTX
6 Steps for Operationalizing Threat Intelligence
Sirius
 
PPTX
5 Ways to Close Your Information Technology Skills Gap
Sirius
 
Healthcare Cybersecurity Survey 2018 - Sirius
Sirius
 
6 Guidelines on Crafting a Charter for your Business Transformation
Sirius
 
Exhaust into Fuel: Turning Data into a Strategic Business Asset
Sirius
 
3 Keys to Web Application Security
Sirius
 
Best Practices for Multi-Factor Authentication: Delivering Stronger Security ...
Sirius
 
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Sirius
 
Optimizing Security Operations: 5 Keys to Success
Sirius
 
Keep Calm and Comply: 3 Keys to GDPR Success
Sirius
 
Beyond backup to intelligent data management
Sirius
 
Making the Jump to Hyperconvergence: Don't Get Left Behind
Sirius
 
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Sirius
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Sirius
 
6 Ways to Deceive Cyber Attackers
Sirius
 
Your Cloud Strategy: Evolution or Revolution
Sirius
 
Open Source, Open Mindset: 4 Keys to Continuous Cloud Transformation
Sirius
 
7 Essential Services Every Data Center Solutions Provider Should Have
Sirius
 
10 Keys to Data-Centric Security
Sirius
 
5 Keys to Addressing Insider Threats
Sirius
 
6 Steps for Operationalizing Threat Intelligence
Sirius
 
5 Ways to Close Your Information Technology Skills Gap
Sirius
 

Recently uploaded (20)

PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
A Presentation on Artificial Intelligence
memembruh336
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 

Maturing Endpoint Security: 5 Key Considerations

  • 2. www.forsythe.com Forsythe is a leading enterprise IT company, providing advisory services, security, hosting and technology solutions for Fortune 1000 organizations. Forsythe helps clients optimize, modernize and innovate their IT to become agile, secure, digital businesses. Sponsored by
  • 4. Ask yourself: a) Very confident b) Somewhat confident c) Not at all confident HOW CONFIDENT ARE YOU IN YOUR ORGANIZATION’S ABILITY TO DETECT AND RESPOND TO MODERN THREATS?
  • 5. THE AGGRESSIVENESS AND SOPHISTICATION OF CYBER ATTACKS HAS INCREASED; DEFENSIVE CAPABILITIES ARE NOT KEEPING UP Sources: Gemalto 2016 Breach Level Index, FireEye 2017 M-Trends Report 1.4 billion data records were compromised during 2016, an increase of 86 percent over 2015 Global median time from compromise to discovery in 2016 was 99 days
  • 6. Source: Verizon 2016 Data Breach Investigations Report USERS AND USER DEVICES REPRESENT THE LARGEST AND FASTEST-GROWING TARGET GROUP Server User Device Person Media Kiosk/Terminal Network2009 2010 2011 2012 2013 2014 2015 0% 10% 20% 30% 40% 50% Percent of breaches per asset category over time
  • 7. NO MATTER WHAT TECHNOLOGY WE PUT IN PLACE, NO MATTER HOW MUCH MONEY WE SPEND ON PROTECTIONS FOR THE ORGANIZATION, WE STILL HAVE PEOPLE, AND PEOPLE ARE FALLIBLE. — Theodore Kobus, Baker & Hostetler, Privacy and Data Protection
  • 8. ENDPOINT SECURITY IS THE FRONT LINE IN THE FIGHT AGAINST CYBER ATTACKS
  • 9. Ask yourself: a) Less than 5 b) More than 5 c) Not sure HOW MANY ENDPOINT SECURITY AGENTS IS YOUR TEAM CURRENTLY MONITORING?
  • 10. Source: Forrester Mastering the Endpoint, March 2017 On average, organizations are monitoring 10 different security agents… …and swiveling between at least 5 different interfaces to investigate and remediate incidents
  • 11. Forrester Business Technographics Security Survey, Q3 2016 MANY ORGANIZATIONS STILL RELY HEAVILY ON SIGNATURE-BASED SOLUTIONS 55% 53% 63% 80%
  • 12. THE BOTTOM LINE: ORGANIZATIONS NEED TO ENHANCE PREVENTION METHODS ON THE ENDPOINT AND ADD THE ABILITY TO DETECT AND RESPOND TO EMERGING THREATS
  • 13. BY 2020, 80% OF LARGE ENTERPRISES, 25% OF MIDSIZE ORGANIZATIONS AND 10% OF SMALL ORGANIZATIONS WILL HAVE INVESTED IN EDR CAPABILITIES. — Gartner Market Guide for Endpoint Detection and Response Solutions, 30 November, 2016
  • 14. ENDPOINT SECURITY USE CASES Facilitate the prevention of attacks by stopping endpoints from executing malicious files and processes, and/or connecting to malicious domains and URLs. Some tools can also remove malicious files, and isolate infected endpoints from the network. Search for and identify advanced attacks or malware processes in real-time through proactive hunting for malicious activity. This can include activity scoring, and both rule-based and threat-intelligence- based detection. This use case is typically for organizations with mature security programs. Continuous monitoring of endpoints to understand what executables are running, what activities users and/or endpoints are engaging in or have engaged in, the current state of endpoints, etc. Analysts can use recorded information to establish trends and patterns of activities to learn what’s normal, and what’s not. Provide a platform to document, analyze, contain, disrupt and/or remediate incidents. Provide history of activity, connections and actions. Conduct historical searches, and scan systems for known artifacts derived from threat intelligence and past investigations. Prevent or alert on unauthorized changes to endpoint configurations/installations. Maintain standard or “Gold” images in order to prevent the need to reimage. Enhance patch management by preventing vulnerabilities from being exploited before organizations have a chance to deploy patches. Incident Investigation/ Response Management Prevention Threat Hunting/ Detection Monitoring/ Visibility
  • 15. FINDING THE RIGHT FIT There are numerous EDR solutions to choose from, as well as next-generation endpoint security solutions from EPP providers that incorporate EDR capabilities.
  • 16. 5 KEYS TO MATURING YOUR ENDPOINT STRATEGY
  • 17. Organizations need to evaluate their current capabilities before they can advance their programs ONE GAUGE YOUR MATURITY
  • 18. Initial Processes unorganized; not repeatable or scalable Repeatable Basic program and policies established; success can be repeated Defined Program and policies formalized and updated in last 24 months Managed Program formalized, up to date and functioning; CISO in place Optimized Model security program around all endpoints; designed to anticipate change ENDPOINT SECURITY MATURITY MODEL
  • 19. Ask yourself: a) Initial or Repeatable b) Defined or Managed c) Optimized d) Unsure BASED ON THIS MODEL, WHAT WOULD YOU GUESS YOUR ORGANIZATION’S MATURITY TO BE?
  • 20. No single solution can keep up with today’s sophisticated, emerging threats TWO ENSURE COMPREHENSIVE PROTECTION
  • 21. COMPREHENSIVE CONTROLS Anti-virus Advanced prevention tools Advanced detection and response tools Additional endpoint security controls • Application controls • Network access controls • Management controls • Port controls • DLP • ERM NEXT-GENERATION ENDPOINT SECURITY
  • 22. MACHINE LEARNING? Machine learning is one of the year’s hottest technology trends; within the endpoint security space, many companies legitimately claim to do some machine learning, though it’s often not clear what that means, how it works, or even why it is important.
  • 23. It is impossible to manually manage all of the endpoints on your network; while it’s important to have defense-in-depth, it is equally important to consolidate agents and processes wherever possible THREE CENTRALIZE MANAGEMENT
  • 24. Too much IT security spending has focused on the prevention of data breaches, and not enough has gone towards preparing for the inevitable FOUR STREAMLINE INCIDENT RESPONSE
  • 25. Humans are the weakest link in any security strategy; defending against human behavior involves a combination of endpoint security solutions and increased awareness FIVE BOLSTER SECURITY AWARENESS
  • 27. http://focus.forsythe.com OR FIND MORE ARTICLES ABOUT BUSINESS AND TECHNOLOGY SOLUTIONS AT FOCUS ONLINE:
  • 28. Authors: Jose Ferreira Security Strategist, Forsythe Security Solutions Josh Thurston Security Strategist, Office of the CTO, McAfee www.forsythe.com Forsythe is a leading enterprise IT company, providing advisory services, security, hosting and technology solutions for Fortune 1000 organizations. Forsythe helps clients optimize, modernize and innovate their IT to become agile, secure, digital businesses.