Endpoint security is nothing without human operators


From Kaseya and Colonial Pipeline to Molson Coors and CD Projekt, companies around the world are repeatedly falling victim to cyber threats. It is therefore more important than ever to implement endpoint security mechanisms to protect against these attacks.

The ability of endpoint security platforms to collect and analyze data has grown considerably in recent years. These platforms offer malware prevention and detection, virus scanning and analysis of user behavior. They also help security teams handle the hundreds, if not thousands, of security alerts they receive daily, which in turn saves time and helps prioritize security tasks.

An endpoint security platform, however, is not a panacea. Integrating endpoint security products with other systems can be difficult and expensive. Cybersecurity leaders must weigh the risks of weak endpoint security against the costs of secondary products. Endpoint data analysis requires assistance from other parts of the overall security stack. Telemetry from endpoints, identity tools, and the cloud must also be considered. The increasing complexity of devices also makes it harder to discover compromised endpoints.

The role of humans in endpoint security

Despite increasing technological advances, human operators are still responsible for security. This puts significant pressure on people to make important and quick decisions in managing cyber attacks. Rather than relying on tools and technology, organizations must focus attention and resources on human innovation and cybersecurity skills. Human actions have a far greater impact on detecting, preventing, and remediating attacks than most people realize. Automated response actions can even adversely affect businesses. Therefore, some responses to cybersecurity attacks should be placed in the hands of a human operator, as a wrong approach can do more harm than the initial breach itself. And as new and complex security tools become readily available, it is more important than ever for organizations to invest in human skills to cope with these new advances.

Organizations tend to put endpoint security in place and then forget about it, often due to a lack of resources, especially in startups and SMBs. Basic security awareness training can help employees avoid phishing campaigns, but endpoint security threats can be more difficult to explain.

The cybersecurity industry often forgets that we are all in this battle together. Regardless of industry or size, companies pursue the common goal of achieving 100% security. However, the community needs to become more aligned to defend against the latest and greatest threats.

The future of the endpoint

Endpoint security is not the be-all and end-all of the security stack. Regular patching, multifactor authentication, least-privilege policies and a good security oversight program are also required. Advanced discovery and response has now evolved into a more comprehensive approach to endpoint security by expanding the scope of discovery beyond endpoints to include data from networks, servers and the cloud.

Yet all of these tools and processes are useless without people who know how to deploy, configure, manage, and maintain them, and use them to respond to the growing threat landscape. This is often where organizations fall short: technology is prioritized, but the skills needed to use it and achieve its full potential are often glossed over. Training security professionals is just as important as, if not more important than, improving the security technology itself.

If you can choose between basic tools with an expert team, or the best tools with a mediocre team, the former should always be the preferred option. If security teams are not staffed with trained people, the tools will not work and organizations are guaranteed to miss threats that can have dire consequences.

About the author

Kevin Hanes is the CEO of Cybrary, a professional cybersecurity development platform. Prior to joining Cybrary in June 2021, he was the COO of SecureWorks for eight years. Hanes began his career at Dell Technologies in the integration of custom software and during his 15-year tenure moved into leadership positions of increasing responsibility and global reach. He holds a bachelor’s degree from St. Edward’s University in Austin and a master’s degree from the University of Texas at Austin.
