End-to-End Security Starts at the Endpoint

The massive growth in endpoints requires a baseline security strategy for cohesive visibility and unified protection.


Given the widely dispersed workforce, and the likelihood of a hybrid workspace going forward, it’s not surprising that endpoint security is a top priority among CSOs, according to the IDG 2020 Security Priorities Study.

Wrapped into the remote work security challenge is the need to speed detection and remediation of threats that target devices and endpoint systems. The faster cyber issues can be discovered, the lower the probability of larger problems. Obvious, yes?

However, endpoint security can be a daunting task. Most organizations are using a multitude of tools—for monitoring, detection, threat hunting, and more. Some of these technologies may be integrated; others have been bolted on and require finessing for analytics programs or reporting. So, from the get-go, there’s often a lack of comprehensive visibility into issues that may be occurring at any one endpoint.

Another challenge: lack of time. Even with security analytics and threat intelligence in place, teams receive massive volumes of alerts and notifications. It takes time to investigate the most critical threats, let alone ensure that those alerts falling into the “medium severity” category aren’t serious.

Some larger organizations also face a lack of coordination in their threat detection and response strategies. For example, they may have SecOps and ITOps teams each handling their corners of the enterprise security landscape. Without collaboration, vulnerabilities and incidents may take time to uncover.

Overcoming endpoint security challenges

Organizations should seek three objectives from their endpoint security:

  • Drive faster threat detection and investigation
  • Achieve operational efficiency through automation
  • Develop improved collaboration among SecOps and ITOps

The first step is unifying the security foundation around endpoints. Because they’re so widely distributed and growing in volume, they should become the focal point, says Joakim Lialias, Director of Product Marketing, Cisco Security.

“Endpoint security should be the first line of defense and provide insights into user behavior,” he says. “Really, it is one of the most critical control points of the security architecture.”

This requires an endpoint security solution that integrates seamlessly into the customer’s existing security architecture. No longer can endpoint security be a bolt-on solution. Endpoint security needs a platform approach that ties together endpoint, network, cloud, and application data for increased visibility into potential threats. It also enables teams to take a coordinated approach to incident management.

For example, the Cisco SecureX platform, built into Cisco Secure Endpoint, provides a secure ribbon across the infrastructure, weaving monitoring, analytics, and intelligence into a single dashboard view. It includes prebuilt connectors or APIs that allow organizations to easily integrate the Cisco portfolio of security solutions, as well as third-party tools.

“SecureX provides secure orchestration for improved incident management,” Lialias says. “That means that security teams can quickly take advantage of investigation workflows using some of the pre-built workflows available, or they can build their own to meet their requirements. These efficiencies can make a big difference.”

For example, Allied Beverage Group has achieved significant benefits in its endpoint security posture since deploying SecureX:

  • 97% reduction in time to remediate
  • 95% decrease in time to detect incidents
  • 80% increase in visibility

“We know security can be complex,” says Lialias. “Sometimes it feels like a battle that is very difficult to win, but we want to help simplify endpoint security and give customers the capabilities that will also drive additional efficiencies.”

Learn more about Cisco SecureX.




Copyright © 2021 IDG Communications, Inc.