For this blog post, I chose to write about the Horizon Report on Information Security as this is the topic that interests me because I work in the cybersecurity field (Educause, 2021). The technology I am choosing to discuss from that report for this post is endpoint detection and response technology. Part of my job is to analyze and monitor any events that trigger from endpoint devices and deal with them accordingly depending on if they are malicious or not.
Over 70% of security breaches start from endpoint devices. Endpoint devices are devices such as personal computers, laptops, cell phones, tablets, printers, scanners, and even servers (Educause, 2021). As most people know, a single network could have multiple endpoint devices connected to it at the same time throughout various times of the day or night. A cybercriminal would view this as a huge data buffet. You can imagine the degree of data theft this offers.
Because endpoint devices pose such a big security breach risk, it is vital that they are made as secure as possible. This includes implementing a response plan to cover any possible breaches that could happen from endpoint devices. All organizations must have a security plan in place. Part of this security plan is to make sure all endpoint devices have antivirus software implemented as well as firewalls and any other types of security there is to offer. An endpoint device could never have too much security. The thing is to make sure each security software, method or device is able to work well with each other and not hinder each other and a good technology to use is endpoint threat detection. Endpoint threat detection is a technology that combines a collection of endpoint data and real-time continuous monitoring with rule-based automated analysis and response capabilities. Endpoint detection technology is vital as it helps the security team know when an endpoint has been compromised because the endpoint detection software will notify them.
One of the technology trends I read about in the Horizon Report about information technology is about how security incidents are becoming routine (Educause, 2021). This is because cybercriminals are developing more sophisticated techniques in order to commit breaches. Because of this, organizations now consider cybersecurity plans an automatic consideration in their operations and business planning. Cybersecurity planning has become an essential part of an organizations daily business. This includes everything from physical security, network security to employee security training.
Two things that have an impact on endpoint detection and information security is application control and network access control. Application control is when the security team use control tools to set up what an application can and can not do and to instruct the application on restricting and preventing unauthorized actions by users. Network access control is using user and system authentication, network security enforcement and endpoint security technology in order to control what users can access and do on the network. These are accompanied by access security policies that organizations devise for employees, or contract users. Access control helps endpoint security by limiting access to data that users can see and work with. One of the most common access control methods is role-based access in which the security team only allow a user access to the data that is necessary to perform their job duties. This helps keep users out of confidential data that they have no business seeing.
Link for Blog Post Image is under References.
References
Educause. (2021, February 16). 2021 EDUCAUSE Horizon Report: Information Security Edition. Retrieved from Educause: https://library.educause.edu/-/media/files/library/2021/2/2021_horizon_report_infosec.pdf?la=en&hash=6F5254070245E2F4234C3FDE6AA1AA00ED7960FB
Security Intelligence. (2016, September 22). Image from website. Security Intelligence: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2016/09/in-prevention-we-trust-when-and-how-to-use-endpoint-detection-and-response-630x330.jpg.webp
