The range and number of endpoints that organisations manage have created a large attack surface for those with malicious intent. Fast becoming the easiest route into a network for attackers, endpoints are places where even the most basic malware can dupe innocent end users and bypass centralised controls. An increase in the number of devices also presents information security teams with a growing patch management workload as they try to comprehensively download all the appropriate patch executables to remediate endpoint vulnerabilities and verify successful patch deployment.
The industrialisation of malware – often with just tiny adaptions to previously seen attacks such as changing the file’s hash – means that malware can evade many forms of detection. Endpoint security used to be synonymous with a single product category – antivirus software. Fast forward just a few years and APTs, sophisticated malware, targeted attacks, and zero-day exploits are changing the endpoint security landscape. It is therefore unsurprising that infosecurity professionals are eager to understand, evaluate and implement innovative endpoint protection tools.
In our experience, the battle between security and performance is fiercest around the endpoint which is why NTT Security launched its Cyber Security Innovation Programme in the UK – to help organisations see the wood from the trees when it comes to identifying the best cyber defences. And, this week, we announced next-generation endpoint security company Cylance is the first partner to join the scheme.
Cylance provides a preventative cybersecurity solution that stops advanced persistent threats and malware at the endpoint. What’s interesting is that the company’s solution uses artificial intelligence and machine learning to analyse code for malicious traits before it ever executes on the endpoint (which we know is most often the weakest part of an organisation’s network).
This latest move is an important step forward in our plans to partner with innovative companies and technologies, particularly in the evolving field of artificial intelligence. Cylance certainly fits the brief with its endpoint security solution, CylancePROTECT®. It’s an exciting technology that will become an important part of our customers’ enterprise security architecture.
Whatever advanced endpoint solutions an organisation selects, a successful investment must integrate with network security to build detection, prevention and increasingly prediction capabilities. They must do this in a business context that balances a decrease in threat surface without disrupting business as usual activity. Preserving endpoint performance and user experience is key to any technology decision as employees have proven to have little tolerance for security solutions, particularly at the endpoint, that stand in the way of productivity and collaboration.
For more information on advanced endpoint security, download our InView whitepaper here.