by Ross Baker,
Today’s CISOs are assailed on all sides by a growing array of threats. From ransomware to targeted attacks, data-stealing malware to browser-based exploits – there’s no such thing as a ‘typical’ cyber attack any more. That’s why endpoint security tools need to cover a broad range of capabilities, to offer the maximum threat protection possible. But with so many vendors vying for competition, it’s no easy job picking through the distorted claims and marketing hype out there to find the right solutions.
Don’t believe the hype
If you were in any doubt about the scale of the threats facing UK organisations in 2016, just look at the latest results from interviews we conducted with over 300 UK IT decision makers. Seven in 10 (69%) said they thought their organisation will be targeted by ransomware in the next 12 months – a figure rising to three-quarters for those who’ve already experienced an attack.
And it’s not just ransomware that is keeping IT leaders awake at night. They’re also faced with the possibility of carefully targeted attacks designed to steal sensitive customer data or IP, zero day threats, exploit kits and other commodity malware. And then there’s the ever present risk of accidental data loss via insider negligence. It all adds up to a complex patchwork of threats which need an effective co-ordinated response based around multi-layered endpoint protection.
But there aren’t many vendors out there that can offer a truly comprehensive set of capabilities. Many trumpet ‘advanced’ or ‘next generation’ products, but dig a little deeper and you’ll find they’re little more than one-trick ponies. Machine learning is one such feature getting a lot of press at the moment. But while it’s good at threats hidden in executables, it doesn’t work so well on malware in non-executable files, like PDFs.
Some endpoint security vendors also fail to offer holistic security platforms. While the endpoint is undoubtedly under threat, so too is the web/email gateway, the network and servers. That’s why it’s important to find tools which integrate easily and if possible share threat intelligence to improve the organisation’s overall security posture. It’s also important to remember that blocking online attacks is not the be-all-and-end-all. Your endpoint security should also be equipped to respond and remediate, and learn from incidents so that the organisation is protected next time it encounters the same type of attack.
What you need
For the most effective endpoint security, look for vendors that offer multiple layers of protection to combat the broad range of threats out there. Trend Micro’s endpoint security suites feature anti-malware, ransomware protection, memory inspection, encryption, device control, data loss prevention (DLP), vulnerability shielding, command and control blocking, browser exploit prevention, app whitelisting, behaviour monitoring, web threat protection, and more.
The technology works across all stages of the threat lifecycle to offer connected defence: Prevent, Detect, Analyse, Respond. That means that intelligence generated from network or server security tools, for example, can be used to lock down the endpoint. It’s also manageable from a centralised console and has been built for speed, featuring a lightweight client which won’t impact performance.
Organisations today are faced with a sophisticated enemy used to using multiple varied tools and techniques to achieve its goal. The only way to combat this effectively is through layered endpoint protection.