Offense informs defense. Cyberspace is a hostile landscape. Cybercriminals have become increasingly punitive this year.Aside from the reemergence of worms we are observing some notable trends:Watering Hole Attacks that employ destructive payloadsMobile Attacks which leverage proximity settingsBEC utilized for second stage attackWipers deployed for counter incident responseToday’s adversary is intent on waging a cyber insurgency within your network. The more prominent your corporate or personal brand the more likely you will be targeted by the elite cybercriminal and spy. In order to protect one’s brand, corporate cyber defense must be modernized. In 2017, we must appreciate that traditional end point security is dead. I left a traditional cybersecurity vendor 20 months ago realizing that 5% of cyberattacks would bypass end-point security.The failure in traditional end point security is due to the widespread adoption of the Kill Chain. The Kill Chain starts with Reconnaissance. Reconnaissance is the act of finding a weakness in the target that the attacker knows how to exploit for their gain. Every corporation has weaknesses and every cybercriminal has access capabilities to attack platforms and exploit code. The overlap between the two is what we should be concerned about. Attackers gain their economies of scale by using the same access capabilities over and over again, both within a specific target and across targets. This modus operandi is effective because (1) victim orgs rarely know what weakness was exploited that led to the alert several stages in the attack later (ie, root cause) and (2) those victim orgs that *do* know what the root cause was very rarely share it, or the mitigation they took to address it.EDR helps address both problems. The impact of this change in security posture is that an attacker can no longer use an access capability more than once. How might we take a page from a defensive coordinator? Much like a all-pro middle linebacker. EDR can defend and respond to an super-charged offense.Middle linebackers are the strongest linebacker who plays a hybrid position and can act as a lineman to disguise where a rush is coming from. Like Dont’a Hightower and Von Miller, an effective EDR allows your end-points to defend and respond to an attack.Gartner has noted that the EDR market is booming but there are only a few best of breed linebackers. Choose yours wisely, as defense wins championships. Related content opinion Digital hijacking: My identity is gone Ever wonder why your identity got stolen? Post-Equifax this article highlights a modern security strategy for the credit bureaus. By Tom Kellermann Oct 03, 2017 3 mins Internet opinion Crossing the Narrow Sea: mitigating island hopping Your supply chain is being invaded. It's time to discuss how best to manage risk to your supply chain and reputation in 2017. By Tom Kellermann Jul 24, 2017 3 mins Hacking Risk Management Security opinion Your brand is under siege CMOs must prepare to defend their brand and company with tools and strategies to combat almost inevitable cybersecurity events. By Tom Kellermann Jun 30, 2017 4 mins Security opinion May 18th: The birthday of the DPO The importance of the European Global Data Protection Regulation and its implications for cybersecurity in America. By Tom Kellermann Jun 06, 2017 2 mins Government IT Technology Industry Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe