SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

You cannot protect what you do not understand

Thu, 9th May 2024

In today's cyber threat environment, any CISO who wants to lower risk and successfully defend their business against cyber disruptions and attacks must have a clear view into the threat landscape. They also know that visibility can be incredibly hard to obtain, with competing systems delivering conflicting data about the reality of their environment. As the only cybersecurity provider embedded in over half a billion laptops and devices, Absolute has a unique ability to provide an understanding of what you're up against.

In the Absolute Security Cyber Resilience Risk Index 2024, you get a look into the actionable data we provide. Analysing millions of deployed PCs, we show how enterprises are doing when it comes to compliance gaps, maintaining device health, and enforcing security policies across mobile and hybrid workforces. It also provides instruction on how cyber resilience capabilities mitigate identified risks.

  • Endpoint and Network Access Security Application Failures. While it is clear the shift to deploy modern secure access (ZTNA) and advanced prevention and detection is underway, we saw a concerning trend. Twenty-four per cent of the time, Endpoint Protection Platforms (EPP) and Network Access Security applications (ZTNA, VPN) fail to maintain compliance with security policies across endpoints. This is true even among those considered to be leaders in their markets. This condition is leaving a massive security gap at the edge of the network.
  • The AI Endpoint Wave. AI is everyone's favourite topic these days. This made us curious to see exactly how many enterprises are ready for this technical sea change. According to our research, 92 per cent of PCs in use are currently ill-equipped for the burgeoning demands of AI. This is a finding based on a growing number of reports and insights from industry analysts, all pointing out the hardware and software capacity needed to support modern AI. PCs analysed were lacking necessary enhancements such as adequate RAM and other components needed to optimise for AI. To overcome the AI-readiness deficit, organisations will have to invest in millions of new PCs, which will need to be secure and compliant. Otherwise, they will face significant lags in performance and be easily compromised by threat actors.
  • Organisations Continue to Fall Behind in Critical Patching. Most organisations set their own compliance policies when it comes to system and application patching. Although everyone knows the risk that comes with falling behind, we are still seeing disturbing delays. This year we saw that on average it takes organisations about 74 days to update their endpoints and applications to achieve compliance with their own policies and prescribed versions. This prolonged exposure period provides attackers with many opportunities to exploit vulnerabilities, leaving enterprises open to data breaches, ransomware, and unwanted cyber disruptions.

Why We Care

Endpoint security and compliance are rarely the most exciting topics to discuss, despite their necessity and expense. No one can argue that to remain defended against threats, your endpoints need a range of security layers, especially if you hope to protect your remote and hybrid workforce. All the investment in the world won't amount to anything if the tools you deploy don't work as needed. And, as our research shows, most fail to meet security and compliance requirements 24 per cent of the time, which is true even for the market leaders. The only way you can maintain the level of efficacy and compliance is if you have accurate intelligence to understand what is going on with your PCs, along with capabilities that can restore your devices and apps to a compliant state. Giving our customers this assurance is core to what we do.

Thoughts on How We Move Forward

  • Leverage the power within. The capability to self-heal and remediate weakened controls already exists within your devices. By activating this capability and integrating resilience solutions that ensure optimisation and remediation of security controls, you will significantly improve the reliability of endpoint and network defences. With continuous operational compliance, your organisation can maintain the strongest possible defence against advanced cyber threats.
  • The more intelligent the endpoint, the more you must protect it. AI-enabled PCs will have unique data and capabilities, many of which can't be replicated in the cloud. You can no longer worry only about data, as trained large language models and other processing practices will give threat actors an entirely new attack surface. Maintaining a permanent connection to advanced AI devices to ensure you can always locate, lock, or wipe them from a position in the firmware itself will ensure that these sensitive PCs and models never fall into the wrong hands. And as we saw during the pandemic, with any major system refresh cycle it is critical to ensure a seamless and safe transition. Provisioning millions of new endpoints is going to be a challenge, which will be compounded by the need to collect those already deployed. To manage the collection of PCs more securely, enable built-in technologies that can identify where all machines are and automatically wipe or freeze any not recovered.
  • Closing the compliance gap. Even if your policy is to remain a few versions behind the latest patch, it is critical to maintain whatever your prescribed policy is, quickly and consistently. If you adopt quicker and more effective patching processes and enable the ability to self-maintain compliance to a given policy, you will significantly reduce the risk of exposure. This will not only result in fewer compromises but also lower the cost of management.
  • Plan now to reduce risk of disruption post-incident. Keeping your "shields up" is now only one priority. Inevitably, a successful cyberattack will hit your organisation. At that moment, having an effective cyber resilience strategy will be equally important. Cyber resilience gets you back up and running as soon as possible, minimising down time and loss, even across remote systems. Cyber resilience is about more than just perfecting defences – it is about maintaining overall business continuity.

Embracing a Future-Proof Cyber Strategy

If you are a CISO or other security and risk professional in charge of defending your organisation against threats that can result in tremendous financial and reputational losses, the Absolute Security Cyber Resilience Risk Index 2024 report gives you a dose of data-driven reality about the environment we are all working within. A clear view of your environment will enable you to maintain a healthy security posture and will provide invaluable information to inform your long-term Cyber Resilience Strategy.
