What technologies will protect the company from cyberattacks?

Faced with an increase in hacking and other cyber-attacks, cybersecurity concerns among companies have steadily increased in recent years.
It is becoming clear to CIOs that the security model to be adopted must be based on a scalable framework that will allow them to stay ahead of the curve in this changing environment.
Let’s return to the list of cyber threats and effective measures that need to be taken.

Cyber threats, what is the risk for organizations?

It is important to remember that VSE/SMEs, which represent almost 95% of the French economic fabric, maintain a largely skewed view of the cyber risks they face: 80% believe they are well protected, although two of them say they have recently become a victim of cyberattacks[1],[2]. Recent news clearly shows that cyberattacks affect all organizations without discrimination, regardless of their sector or size. In a recent study[3], we even learned that 76% of companies that were victims of cyberattacks paid a ransom.

Apart from the frequency of the attacks, we also notice that they are getting a little more difficult every day. With advances in technology, cybercriminals are developing threats that can infiltrate systems through multiple entry points, making them harder to detect and increasing their chances of success. The only possible conclusion is that workstation-centric detection and response solutions are no longer enough to provide optimal protection for an organization today.

XDR, the future of cybersecurity?

The XDR (Extended Detection and Response) ecosystem, based on EDR (Endpoint Detection and Response), offers to go even further by bringing multiple products together under a single incident detection and response platform. This cross-infrastructure capability is the common denominator of XDR, which at this stage stands out as the optimal solution for preventing cyberattacks.

Fully automated, this system replaces the discovery and investigation processes that were previously performed manually by internal managers. Due to its “extensive” nature, the XDR interface is capable of analyzing and discovering multiple security vectors such as network, cloud, messaging, or other third-party security points, ultimately facilitating diagnosis and decision making for the people concerned and freeing them from time-consuming and administrative tasks.

While XDR is indeed available to any organization, realizing its benefits depends on the cybersecurity maturity of the organization. Organizations that do not have resources (programmatic or human) are likely to benefit from such a solution. On the other hand, mid-to-high maturity cybersecurity organizations that mostly already have the resources will see the main benefit of no longer having to do manual work to make sense of the data, leaving room for further exploration and streamlining decision making and adjustments.

What to look for in an XDR provider?

Ultimately, any company that plans to equip itself with an XDR interface seeks to maximize its operational efficiency by reducing the risks that affect the company’s security. When evaluating XDR vendors, check whether the proposed solutions allow:

+ More accurate detection, leading to more accurate prevention

+ Better adaptability to the development of technologies and infrastructures

+ Fewer blind spots and better review

+ Faster detection time, or average detection time (MTTD)

+ Faster correction time, or average response time (MTTR)

+ Faster and more accurate investigations (fewer false positives)

When evaluating a supplier’s offer, take the time to immerse yourself in the product to fully understand it and ask questions. Ask, for example, if the dataset has been automatically rated and sorted, and if the system provides the necessary steps to use it. Ultimately, it is very important to partner with a company that will help the company stay one step ahead of its opponents and properly equip it against new emerging threats.

When evaluating suppliers, look under the hood. While some vendors claim to offer a completely unified view in a single console or integrated XDR solution, ask if data from all individual vectors has been automatically evaluated and sorted, and if the system offers meaningful and actionable next steps.

By Fabien Rech, Vice President EMEA, Trellix

[1] Source: Xefi/Ifop research published Dec 13, 2021.
[2] Source: Opinion Way research for Cesin published January 2022.
[3] Source: Vanson Bourne for Veeam, Ransomware Business Impact Study published May 2022.