Article

Rick McElroy
Rick McElroy 6 April 2018
Categories B2B, Technology

Five on-the-ground insights on implementing endpoint security in the cloud

Today’s “access-everything-anywhere-anytime” mobile data environment is great news for business productivity and performance but on the flipside it’s also a huge opportunity for cybercriminals. Here are five key insights that we’ve gleaned that will help anyone moving to cloud-based next generation security:

The increasing multitude of endpoints represents an ever-expanding playground in which to develop new ways of infiltrating corporate networks and making off with the digital goods. 

Malware, ransomware and a rising incidence of fileless attacks all constantly chip away at the perimeter while security pros now have to secure an environment that can comprise thousands of potential attack points. So, it’s not surprising that getting smarter about endpoint security is high on the CISO agenda and we’re seeing many turning to the cloud to cope with the scale and complexity of the task.  

At Carbon Black we regularly talk to experienced CISOs who are in different stages of implementing cloud-based endpoint security and we see common threads – some operational, some strategic - running through those conversations. It’s also fascinating how these threads demonstrate the diverse skillset required by today’s CISOs. Here are five key insights that we’ve gleaned that will help anyone moving to cloud-based next generation security:

Before you start - know your data risk

When scoping your endpoint security strategy start by understanding what data is being accessed through your endpoints and its associated risk profile so you can devise an appropriate response in terms of mobile access to that data. This varies depending on the level of regulation in your industry. Linked to this is identifying compliance issues or privacy considerations that must be factored in when increasing endpoint monitoring – particularly if you operate in multiple territories. Having this understanding at the outset means you can devise a system that fits the challenge at hand, avoiding any surprises further down the line.

Layer it up to complement existing systems

Endpoint security has become a priority due to the expansion and increasing vulnerability of the network perimeter. It therefore makes sense to view moving to next generation endpoint security in the cloud as an evolutionary stage in an organisation’s security strategy. CISOs tell us that they see it as an additional layer that enhances their capabilities by delivering far greater real-time intelligence and visibility of the network, allowing them to detect and mitigate more attacks, faster.

At the same time as adding layers, though, they are aiming to keep a rein on the time and resources needed to manage their systems. This means that choosing products with intuitive management consoles and straightforward reporting is a key priority.

Balance security and system performance

For all that a breach in security could bring an organisation to its knees, try persuading users to tolerate any kind of slow-down in system performance and you’ll soon face a people’s revolt. The vast processing power of the cloud takes away the burden from on-premise systems and ensures that there is no user-detectable impact on performance. For CISOs this is one of the most important pillars in building the business case for moving endpoint security to the cloud.

People are your biggest security weakness – change management is crucial

Speaking of user impact, as employees become increasingly mobile they need to understand their own responsibility to protect the organisation. This is where, on top of all the other skills that today’s CISOs need, change management enters the mix. It is as much a psychological challenge as an operational one to create a security-conscious culture throughout the business.

As the lines between personal and business technology become increasingly blurred this actually represents an opportunity to frame cybersecurity as something that’s important across all aspects of our online lives: a security mindset shouldn’t be something you switch off when you leave the workplace. Education programmes that help users safeguard their home systems as well as the ones they use for work have more resonance and lead to smarter, more secure behaviour across the board, which has got to be a good thing.

Another angle is to make users feel a valued part of security. Explaining what the system is designed to do and how what’s being asked of them - e.g. adopting two-factor authentication – actually protects the network is a great way to create a sense of mission around security. CISOs also favour phased rollout – so users can receive adequate support during the adoption cycle and frustration is reduced.

Bring it to the board

Cybersecurity has shot up the board agenda thanks to a proliferation of high profile ransomware and DDoS attacks and the ever-tightening regulatory environment. Basic generalisations about the threat environment don’t cut it with the board anymore as directors want to know to what degree their business is under attack and what management plans to do about it.

CISOs are finding themselves more frequently invited to present to the board and this is a great opportunity to secure ongoing buy-in for endpoint security. Boards are motivated by understanding risk, so a powerful approach is to use the reporting capabilities of cloud-based security to demonstrate the number of security incidents that the system is encountering and neutralising on an ongoing basis. This offers an overall picture of the threat environment and demonstrates the importance of swift mitigation and forensic analysis of attacks to inform future strategy. With this evidence the board is better-positioned to assess risk in relation to business objectives and it is putting CISOs in a stronger position to bid for budget to protect the business.

There’s no doubt that implementing endpoint security in the cloud requires CISOs to draw on many very different areas of expertise: data management, privacy and compliance, business case building and change management to name just a few. 

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of...

Salman Sharif
Salman Sharif 7 July 2017
Read more
What Marketing Content Do Different Age Groups like to Consume?

What Marketing Content Do Different Age Groups like to Consume?

Today marketers have a wide choice of different content types to create; from video to blogs, from memes to whitepapers. But which types of content are most suitable for different age groups?

Lisa Curry
Lisa Curry 21 October 2016
Read more
Collection Of The Best Email Testing Tools Online

Collection Of The Best Email Testing Tools Online

Don’t be afraid of email testing. There are many free or freemium tools online that can help you with testing your SPAM score, deliverability and even the rendering of your email. We feature 30 email testing tools in...

Roland Pokornyik
Roland Pokornyik 31 October 2016
Read more