Advanced Endpoint Protection has Surpassed Traditional Antivirus
The landscape for protecting company networks has evolved from traditional antivirus and anti-malware solutions to advanced endpoint protection. With the variety of devices now connected to corporate networks, the opportunities for exploitation have increased significantly. Protecting a network now means protecting its myriad endpoints, and that protection must be innovative and adaptive to keep up with how we work.
Endpoints are Everywhere
Think of all the connected devices you use today: your phone, personal computer, and tablet, for instance. Each of these is a network endpoint. In your home, it’s likely at least one of your TVs is a smart TV, and even your security system, doorbell, and thermostat may be connected to a network and the Internet. At the office, you’ll probably interface with other connected devices related to the functions of running a business. Chances are you’ll interface there with a connected printer, copy machine, security card reader, and maybe a video conference unit. If you enumerate each of these connected devices, your list is probably a lot longer than it was even a few years ago.
The number of connected devices per person, particularly in highly developed economies, continues to increase. On average in North America in 2017, thirteen networked devices and connections existed per person, up from eight the year prior. With so many endpoints integral to so many aspects of our work and personal lives, our personal vulnerability to cyberattacks and the vulnerability of the companies we work for increase significantly.
More Endpoints Warrant New Protection Strategies
In the past, protecting a network meant protecting a workstation computer. The need was mostly the same in both business and home environments. Companies like Kaspersky, Norton, and McAfee provided the required protection for personal computers and safeguarded against viruses, malware, and spam. While the underlying principles of security, policy, procedure, prosecution remain unchanged, the nature of attacks has changed.
According to NSS Labs, while businesses have traditionally relied on antivirus (AV) products to protect their endpoints, advanced threats require advanced endpoint protection (AEP). In a product test that the company, a global leader in operationalizing cybersecurity, conducted last year, it evaluated thirteen AEP vendors and concluded that “...AEP prevention, detection, and response platforms are positioning themselves to take market share from legacy AV vendors.” This means most businesses will look to protecting endpoints as a top priority.
Today’s businesses must re-evaluate their risk exposure and endpoint protection strategy to keep ahead of advanced threats. In fact, NSS Labs estimates that more than $1.8 billion in venture and private equity investment has gone into the development of next-generation endpoint protection since 2014.
In The 2017 State of Endpoint Security Risk Report, the Ponemon Institute, in conjunction with Barkly, refers to the magnitude of the risk associated with endpoints as “unmanageable.” They say the cost for each successful attack can be as much as $5 million for a large organization or an average of $301 per employee.
Traditional Antivirus: A Thing of the Past
Today, most malicious hackers look to target endpoints in carrying out cyberattacks. Endpoints are ubiquitous and plentiful in any organization and typically present the weak link in a company’s network. Endpoint vulnerability stems from lack of protection, the multitude of options for attack, and human behavior. These factors increase a hacker's opportunities and ultimately their success rate. As examples, think about the instances where you may have shared a USB drive or connected your phone to an unsecured public network and then to your company. These occurrences spell opportunity for the nefarious.
In advertising its endpoint security tool, AMP for Endpoint, Cisco states, “Traditional antivirus tools are no match for today’s evolving threat landscape. With attackers now designing malware that can mask itself to evade detection, businesses need to upgrade their antivirus to properly fight back.” With the focus so heavily on endpoints, it would seem that traditional antivirus is a thing of the past. Well, not entirely. Most antivirus companies offer layers of protection and will include some or all of the following capabilities:
• Endpoint firewall
• Application control
• Sandboxing (locally, cloud-based, or both)
• System memory monitoring/protection
Other companies have bundled in protection for mobile devices designed to shield against both intruders and theft. This protection scheme may include services like real-time GPS tracking of lost or stolen phones, lockout systems, alarms, data wiping, and even secret recordings of unauthorized users.
Protection Strategy is Not Static
With the growing number of opportunities for the “bad guys” to exploit endpoint devices, cybersecurity must be innovative and adaptive to keep up with the way we work and live. The bring your own device (BYOD) movement exemplifies the reality that massive numbers of new endpoints will routinely connect to corporate networks. This represents new vulnerabilities and new concerns for IT security specialists. As a society, we’ve moved well beyond the one-device-for-each-employee paradigm and now must consider multiple devices for each worker. The revolution of the Internet of Things (IoT) will also usher in an expanded collection of endpoint devices requiring multiple layers of protection. In considering cyber protection, it may be shortsighted to pit AEP against traditional antivirus protection. A better strategy likely includes traditional plus advanced endpoint protection plus whatever comes next.