Company security teams are understaffed, network complexity continues to increase, and the cost of data breaches is rising. However, XDR or Extended Detection and Response solutions offer an opportunity to reverse these trends and more.
A recent survey has revealed that many organizations are in the process of adopting extended detection and response (XDR) solutions. Nearly 80% of security personnel who responded to the survey agree that XDR should be a security priority for their organization. In support of this view, 68% of survey participants have also said that their organizations plan to implement XDR by 2022. The survey results presented above highlight the following reality: XDR solutions must drive strategies security of organizations in 2022. There are three big reasons for this.
XDR Addresses Security Skills Shortage
First, cybersecurity skills shortages remain a problem for many organizations. A recent report by the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG) offers some insights. ISSA is an international organization that brings together cybersecurity professionals, whose objective is to manage technological risk and protect information and critical infrastructure, promoting a secure digital world. The study reveals that factors such as increased workload (62%), unfilled positions (38%) and worker burnout (38%) contribute to the lack of skills of professionals, and most ( 95%) state that they believe this issue has not improved in recent years.
An advanced XDR solution can automate threat detection and remediation to save analysts time and effort
The problem with the lack of professional skills is that it complicates the security efforts of organizations. Taken together, these factors make it difficult for security personnel to filter information such as false positives in order to defend their employers from security problems. Information security teams are also facing burnout and overload from low-context alerts and false positives. As organizations expand, SIEM and SOAR solutions struggle to scale And they get more and more expensive. An advanced XDR solution provides a unified investigation and response experience that correlates telemetry across remote endpoints, mobile devices, cloud platforms, and applications in order to predict, prevent, and terminate malicious operations.
XDR Addresses Growing Network Complexity
Second, organizations use many different security tools, which adds to the complexity of their environment. In fact, according to one recent Reliaquest survey, companies use an average of 19 different security tools and many of the survey participants were not convinced of the effectiveness of these tools. For example, 85% of security decision makers said in the study that they are deploying new technologies faster than they can use them productively. Against this, an advanced XDR solution works to break down the data silos between devices, applications, productivity suites, user identities, and cloud deployments that attackers rely on to avoid detection. Advanced XDR unifies network connections, devices, and identities for faster and more effective threat detection and response, while unlocking new predictive capabilities that enable defenders to anticipate an attacker’s next move and proactively block it.
XDR combats rising costs of data breaches
A recent global research report by Cybereason, titled Ransomware: The True Cost to Business, reveals that the vast majority of organizations that have suffered a ransomware attack have experienced significant business impact, including lost revenue, damage to the organization’s brand, unplanned staff reductions, and even business interruptions. Additionally, the average cost of a data breach continues to rise. The IBM study Cost of a Data Breach 2021 found that the price of a leak had risen to $4.24 million, the highest total cost in the history of the IBM report. The study reveals that an organization takes an average of 287 days to detect and find a leak in its systems. This is concerning for organizations, as data breaches lasting more than 200 days cost an average of $4.87 million. By comparison, breaches that companies detect in less than 200 days cost $3.61 million on average.
An advanced XDR solution can automate threat detection and remediation to save analysts time and effort by autonomously discovering attacks and looking for malicious activity and the tactics, techniques and procedures (TTPs) used by attackers in campaigns from the real world. XDR provides security teams with the full history of the attack, including all related attack elements from the root cause across all affected computers and users. XDR technology allows teams to get the full context of an incident without all the noise of false positives, so they can instantly understand an attack and focus on what matters most. This enables security professionals to detect attacks earlier and remediate attacks faster, ultimately reducing attacker dwell time and the cost of security incidents.
The XDR Advantage
An advanced XDR solution enables organizations to take an operations-centric approach to security, providing the visibility organizations need to be confident in their security strategy across all network assets, and the automated responses to stop the progression of attacks. attacks in the early stages. An XDR solution must also provide defenders with the ability to predict, detect, and respond to cyber attacks across the enterprise, including end devices, networks, identities, cloud, and application workspaces.
By Yossi Naar, Chief Visionary Officer and Co-Founder of Cybereason
George is Digismak’s reported cum editor with 13 years of experience in Journalism