Endpoint Security Transformation
In this article
Cybercrime costs the global economy $400+ billion a year, with the cost of an average data breach expected to exceed $150 million by 2020. The cost of cybercrime will continue to increase as more businesses, banks, corporate workloads and consumers migrate to the cloud.
For banks and corporations, this means higher levels of and more sophisticated attempts at payment fraud and extortion, which can lead to adverse publicity. Organisations will also see variations of current crimes from risks yet to be created by technology advances.
Regulation and more standardised attempts to combat cyber threats are also likely to increase as policymakers better understand and acknowledge the problem and its potential effect on people, businesses and economies. For example, just in the past couple years we've seen major changes in laws to regulate cybersecurity:
- In December 2016, the U.S. Cybersecurity Act of 2015 became a law and the EU agreed on cybersecurity rules in the Network and Information Security (NIS) Directive.
- The General Data Protection Regulation (GDPR) will repeal the 1995 Directive 95/46/EC in 2018.
- The Payment Services Directive II (PSD2) will be EU law in March 2018, which mandates additional endpoint security controls.
For the technology and tools available for banks and corporations, the industry is likely to see significant advances in prevention and detection, particularly with regards to machine learning and artificial intelligence (AI). Performance improvements with reputational analysis and increased utilisation of data-driven detection systems will help alert to unexpected changes in patterns of activity. Also, the development of alternative technology could be used to strengthen protection against cyber fraud. For example, blockchain can provide a means to authenticate participants, verify all counterparty identities and protect consumers and corporations from fraud.
With all of this in mind, it's clear that banks and corporations cannot afford to hold back on cybersecurity, specifically endpoint protection. The easiest way to examine endpoint protection solutions are to look at those designed to secure endpoints before an attack versus those focused on containing a breach after an attack. An endpoint protection suite (EPS) covers the window of compromise between vulnerability and breach and is the best defense before a breach occurs. This suite will deliver the critical security components, while providing security intelligence, operational availability and maximising business productivity.
Taking this type of holistic approach to cybersecurity positively impacts the success and delivery of a cybersecurity program. While technological defences remain crucial, they should not intrude on business functions. Performance and optimal user experience is critical to a successful implementation and adoption by the business units. A case study highlights this point.
A large global bank headquartered in the UK needed to perform a high-level assessment of their virtual compute platform to evaluate the readiness in deploying an EPS. The bank's objective was to understand if their existing infrastructure could support the planned deployment while maintaining a positive user experience globally.
Needing a third party to produce the assessment, WWT conducted a Virtual Infrastructure Assessment for the bank. During this evaluation, we used industry-leading tooling to benchmark, load test and plan capacity for their complex virtual desktop environment. The assessment determined any additional CPU needed and memory and storage requirements to ensure a solid foundation for the EPS. Furthermore, the assessment noted the speed at which the EPS upgrade could deploy across the customer's environment without any impact on the end-user experience.
Following this four week engagement, the bank then requested further assessments, performance testing and consulting services around endpoint security, virtual desktop\server infrastructure, optimisation and performance tuning best practices.
We then led the architecture and design aspects of the bank's global endpoint solution for 100,000+ endpoints. During this phase we provided programme management, technical leadership, load testing, user acceptance testing (UAT) and migration support ensuring the design theory was validated and the controls could be delivered to the bank's satisfaction. When it came time for deployment, we were there to support the banks programme team in optimising their approach to ensure a seamless execution and migration.
Our expertise coupled with the bank's adoption of rigorous programme governance ensured their risk was being appropriately managed and met all the appropriate regulations. Had this not been addressed, the bank would've faced penalty costs amounting to millions in U.S. dollars.
The endpoint has emerged as a prime target for launching attacks against key assets, and traditional endpoint security is no longer effective. Start thinking about the future of your security programme and what changes can be made to enhance your protection.