Is “Prevention, Detection and Response” Uproar in the Information Security Industry?

It is ideally after a post attack scenario when the blame game starts as to who is to be held responsible.  Attacks sometimes serves as a reminder for organizations to focus on security needs rather than considering it an integral part, which is the typical mindset of business managers.

The increase in cyber-attacks in the last few years that have not only affected organizations in losing trust among their loyalists but also marring the reputation they built over time; cyber security is now an important aspect to focus on, along with other core management of businesses. Security is now CEO’s responsibility.

A broader outlook of product capabilities and a good process is key to predicting the future attacks.  Also attack vector has moved from perimeter security to endpoint level making it very vital to secure endpoints. Not to mention the demand of BYOD in enterprises.

Antivirus and Anti-malware products served with intrusion detection offered support to enterprise security for years but no longer serve as the best means in the changing scenario.

Hence it is time Businesses start focusing on new age endpoint security products dealing with endpoint threat detection and response (EDR), alongside the conventional ones. It is important to assess the risk posture of endpoints, assessing vulnerabilities and fixing those. Once the endpoints are in continuous compliance, it is important to invest in tools that provide continuous threat detection and response capabilities.