Innovating in Endpoint Security

  • In this escalating threat landscape, endpoint devices are on the frontline.
  • One example of the worsening threat landscape: we have been seeing a rise in firmware attacks.
  • In today’s threat landscape, choosing a hardware device is clearly becoming a security decision.

One of the greatest challenges to protecting a business against cybercrime is the shape shifting nature of security threats. Innovation is not the sole domain of the good guys: cyber criminals are constantly finding ingenious new ways to tunnel into consumer, enterprise and institutional IT systems. They are increasingly professional, more aggressively funded, and better-equipped than ever to exploit any weak link in the security chain.

The rampant rise in cybercrimes—over 1700 significant data breaches in 2016 alone—is driving cybercrime costs in the global economy, with estimates reaching up to $600 billion for 2018.

CYBER RESILIENCE AT THE ENTERPRISE EDGE

With everything connected and interconnected, security is more important than ever. The rampant rise in cybercrimes—over 1700 significant data breaches in 2016 alone—is driving cybercrime costs in the global economy, with estimates reaching up to $600 billion for 2018. The damage to businesses from theft of intellectual property alone exceeded $160 billion in losses. Cybersecurity is now a truly disruptive force. If you have the security you need, your business runs without incident and stays out of the news. But if not—the damage to your operations and reputation can be devastating.

In fact, business leaders, well-versed in this negative narrative, will spend more than $90 billion on security in 2018 alone to protect their organizations.

In this escalating threat landscape, endpoint devices are on the frontline. From healthcare to manufacturing, from transportation to the home, from agriculture to critical utility infrastructures, endpoint devices are the first line of defense or vulnerability for the data and resources we care about. They are the interface between the physical and digital world, and a prime target for cyber-attacks today, and likely will be for years to come.

One example of the worsening threat landscape: we have been seeing a rise in firmware attacks, which are attacks on the software embedded in hardware that can provide an attacker with control over an entire system and which are undetectable by any security software.

Even more worrisome, we are seeing an accelerating trend in destructive attacks that target low-level firmware to disable hardware devices and render them inoperable on a large scale. This is key to understand, as attacker motivations should also drive how we think about defensive strategies.

For example, the perpetrators of the biggest attacks of the last year were not just going after information, theft or ransom. They also sought to wreak destructive havoc on infrastructure. Worse still, they sometimes succeeded in both efforts. Last year’s suite of so-called ransomware attacks, from WannaCry to NotPetya, were clearly aiming to cause destruction over financial extortion. Most important these attacks created a lot of “collateral damage,” hitting organizations indiscriminately, making them truly destructive at scale.

To address this degrading threat environment, and new styles of attacks and attacker motivations, HP has been leading the industry in designing systems and devices with security built-in from the hardware up, to help protect, detect and remediate attacks, with minimal interruption to users.

Design for cyber-resilience is meant to ensure that devices are not only built with protections but that they can reliably detect successful attacks and recover from them.

We call this “design for cyber-resilience:” designing hardware-enforced security from the lowest level of firmware of an endpoint device and working up through the software stack and even management solutions. Design for cyber-resilience is meant to ensure that devices are not only built with protections but that they can reliably detect successful attacks and recover from them.

This is the approach that we have been developing at HP Labs, which is guiding us in the design of our business devices, from PCs to printers. The strategy is to not only offer state-of-the-art protections built in from the hardware up, but to include hardware-enforced detection capabilities, and the ability to recover to a good state when successful attacks occur.

Software and network security are not enough anymore to protect endpoints across an organization, we have to start from designing for security from hardware up. This means that today choosing a device is a security decision. Requiring any hardware purchase decision, be it a PC, a printer or any other IoT device, to be recognized as a security decision, ensuring standards are met, and even exceeded with state-of-the-art security that will help address threats over the many years that the hardware will be deployed and in use.

In today’s threat landscape, choosing a hardware device is clearly becoming a security decision. For too long, organizations have relied on third-party software security products to protect their devices. With hackers now able to frequently bypass traditional network perimeter security and antivirus programs on endpoints, it’s time we consider the security of the hardware we purchase as closely as our software and network security solutions.

This means that anyone who makes a hardware purchasing decision—however small or large—will have an influence on the security posture of the business for years to come. The enterprise CISO, who usually looks after the security of operations primarily, needs to start getting involved much earlier at the IT equipment and hardware procurement step: setting security requirements and making sure that security is taken into account as a key parameter of the purchasing decision.

Beyond the security of the devices themselves, the endpoint security challenge for organizations lies with security management. Organizations need to keep all the devices on their network up to date with the latest software and firmware, and in compliance with a good security configuration policy. In addition, they need to deploy, manage and monitor security software that’s appropriate to their business needs. To protect the business over the long run, they critically need to have a data and device recovery strategy, ensuring that they can bring the infrastructure and the business back up and running when things go wrong; as they will.

To top the list of challenges organizations are facing, the cybersecurity talent pool is in tension, with a lack of available expertise that is making it difficult for organizations to hire, afford, and retain security talent, let alone specialists in device security, PC firmware, or printer or other IoT configuration management. This has led HP to invest in building up a security practice, to be able to consult with customers with device security assessments, for any device, PC or printer, HP and non-HP, and to help them put in place the right manageability tools and solutions, and ongoing compliance and security management strategies to keep the business a step ahead of the bad guys.

HP has been a leader in endpoint device security for over two decades, pioneering research, driving security standards with industry partners, and raising the bar of personal computer and print security, with many industry firsts. But this is only the beginning. Moving forward, HP will strive to continually deliver the most secure devices, along with the solutions and services to help our customers use them securely. We are committed to leading security innovation and driving the entire industry forward.

Only $1/click

Submit Your Ad Here

techcloud link

Tech Cloud Link is the place to get free technology whitepapers downloads in a variety of formats, including PDF versions of popular articles tech briefs, tech whitepapers, and research articles into profoundly diverse spectrum within IT landscape. Here you will resolve trending IT concerns on topics like – Network Communication – Storage – Data Center – Server – Network Security. The whitepapers accurately address convergence between industrial and enterprise networks and collections of Articles, Features, Slide Shows and Analysis on Enterprise IT, Business and Leadership strategies that focus on critical
https://techcloudlink.com/

Leave a Reply