[BreachExchange] The endpoint is just the beginning

[Audrey McNeil]

http://www.itp.net/613910-the-endpoint-is-just-the-beginning

How should organisations respond to the new cybersecurity reality?

Cyber-attacks can, at their worst, put companies out of business, or result
in huge fines from the authorities.

There are many IT Security solutions available to address the issue but
just purchasing software or hardware is not enough. These “tools” need to
be a part of a whole security strategy and be managed, configured and
monitored by experienced and dedicated security engineers.

For management to mitigate risks to their business, it is important to form
an incident response plan by building established, procedures and processes
for managing and responding to a cyber threat can help companies limit
damage to their IT infrastructure.

Second, in order to develop the ability to monitor and effectively counter
cyber threats, organisations must establish a situational risk and threat
awareness system to detect damages and breaches that may indicate any
compromise of valuable assets.

Third, organisations must invest in trained and experienced cybersecurity
professionals. The absence of qualified and experienced cybersecurity
professionals is posing a significant challenge for organisations.
Therefore, it is critical for companies to invest in more in dedicated IT
security staff who are informed and up to date with cybersecurity trends
with the skills to be able to configure, monitor and maintain their
organisation’s systems.

Finally, organisations need to develop a post-crisis plan of action.
Establishing post-attack procedures to counter similar incidents in the
future is an important step to safeguarding critical data and networks. It
is key for organisations to formulate processes and procedures to manage
incidents, and limit potential damage and disruptions to operations.

ESET investments go well beyond the endpoint. Discuss

ESET offers security solutions that keep data and networks secure from
various cyber threats, data theft and illegal access and breaches.

The ESET Endpoint Protection solution includes a cloud-based detection and
prevention system called ESET Live Grid. Monitoring more than 100 million
sensors worldwide, it provides an expedient base for the immediate
detection of and response to new, unknown or advanced threats.

We’re also making use of machine-learning processing in our ESET Live Grid
cloud, directly using the resulting detection models in our endpoints. This
machine learning is trained on large datasets, utilising all of the data we
have available, to achieve a high level of accuracy and low false positive
rate. Our overall endpoint detection is further augmented by combining the
machine-learning detection models with a number of other protective,
behaviour-based layers such as our Anti-Phishing engine, Network Attack
Protection, Advanced Memory Scanner, Exploit Blocker and Device Control to
mitigate the chances of any threat avoiding detection.

In addition to endpoint security, our portfolio includes products such as
encryption and multi-factor authentication, which are crucial for data
breaches and regulatory compliance.

Discuss some recent successes for ESET in the region?

In 2016, we recorded a 10% growth in overall sales in the Middle East
market for both consumer and business products, resulting in huge
year-on-year benefits for our channel partners.  Our growth is supported by
businesses all around the world that are switching from outdated antivirus
software to powerful endpoint security protection.

At the recent ESET World 2017 conference ESET Middle East was awarded as
the office with the largest growth in Enterprise sales worldwide. In
addition, worldwide ESET has also been one of the top five vendors in
recent years in the enterprise segment and we have more than doubled our
market share and almost tripled our revenue among enterprises in that time.

What would you say is ESET’s key value proposition?

Our goal is to deliver integrated, complete solutions that provide a
comprehensive set of capabilities to predict, prevent, detect and respond –
supporting the complete endpoint security landscape without sacrificing
system and network performance.

Based on recent research, more than 60% of ESET customers admit to seeing a
return on investment within six months; and 94% said they made their money
back in less than a year.

With IT now deeply integrated in business, what is the role of the CIO in
cyber security?

The role of CIOs (chief information officer) has come to be recognised as a
critical part of any business strategy. As mentioned earlier, with more
organisations now technology-driven, approaches to IT security are also
evolving and so has the role of a CIO. CIOs are responsible for
establishing and maintaining the organisation’s vision and strategy to
ensure information assets and technologies are protected.

Additionally, as new technologies emerge CIOs must also possess skills that
go beyond traditional technology management. CIOs of today should also
possess legal expertise, corporate financial skills, data management
skills, expertise in compliance and security among others.

Security spending is set to increase in the coming years. How does this
impact overall security posture?

Worldwide spending on information security is expected to reach USD90
billion in 2017, according to Gartner. In the Middle East, the
cybersecurity market is expected to grow from USD11.38 billion in 2017 to
USD22.14 billion by 2022 at an estimated compound annual growth rate (CAGR)
of 14.2%, according to a Reportbuyer report. This is driven by various
factors, including minimising IT security risks and threats such as
malware, ransomware among others.

To boost security measures and mitigate cyber risks, organisations both
public and private, need to invest more in resilient IT security solutions
that predict, detect and prevent cyber-attacks in the future.

Discuss how you see the cybersecurity landscape evolving in the near future

The cyber threat landscape is continually evolving as cybercriminals become
more sophisticated in their attacks and the methods they use. As a result,
IT security framework needs to evolve and stay ahead of the criminals to
fight the increasing rate of attacks. This may take the form of security
systems integrated with more advanced artificial intelligence technologies
or simply forming stringent regulations so that organisations take the
threat more seriously and have the capability to react instantly and
appropriately.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170725/9e97e93d/attachment.html>