When businesses think about protecting themselves from cyber attacks, they may worry most about how to respond to threats “out there” on the web.
But focusing closer to home is the first and one of the most effective protection strategies they can take.
Why? Because nearly 70% of all breaches begin at endpoints—the network-connected servers and devices an organization’s personnel use.
Endpoint detection and response (EDR) is an essential part of any comprehensive strategy for guarding against and mitigating risks posed by advanced threats at large in cyberspace.
Read on for a brief overview of endpoint security solutions and information about how we at ProWriters are making it easier for you to help your clients stay safe in today’s connected, digital marketplace.
What is Endpoint Detection and Response (EDR)?
While EDR solutions may include antivirus software, endpoint detection and response is so much more.
Cybersecurity expert Anton Chuvakin coined the term in 2013 as the “generic name for the tools primarily focused on detecting and investigating suspicious activities (and traces of such)” on endpoints. EDR capabilities include:
- Identifying actual and possible threats.
New malware emerges and spreads at an alarming rate. EDR goes threat hunting by frequently scanning endpoints’ files, logs, processes, and configurations. It finds and quarantines malicious programs so users can remove them—or it removes them itself. - Continuously monitoring endpoints in real-time.
EDR tools identify threats and suspicious activity, and can even revoke the endpoint’s network access until IT can investigate more fully. - Facilitating response to threats.
EDR aggregates, organizes, and analyzes data. It constructs timelines of attacks, identifying the affected systems, and gathering cybersecurity artifacts (clues, like fingerprints at a crime scene, left deep in an operating system). EDR thus speeds up an organization’s ability to investigate and respond to threats.
Other acronyms you may encounter as you explore endpoint detection and response are:
- MDR
Managed detection and response, in which an organization outsources its EDR to a third party dedicated to the task 24/7/365.
- XDR
XDR integrates EDR and MDR solutions in order to monitor and respond to threats wherever they arise.
But by any name, EDR’s benefits should be clear.
As long as human error remains a leading cause of data breaches, companies will need robust technological safeguards in place. They must defend data, flag and shut down cyber threats before they cause costly chaos, and make any needed damage control faster and more effective.
Why Insurers Want Businesses to Care About EDR
Cyber insurance carriers want the businesses they insure to be vigilant about EDR security. Without it, those businesses needlessly run exponentially greater risks.
Malware attacks and other cyber security incidents can:
- interrupt services, leading to lost sales and lost customers.
- expose sensitive and legally protected information, resulting in potentially protracted and costly litigation.
- deal blows to a company’s income and reputation from which some, especially small and mid-sized businesses, will never recover.
Cyber insurance policies are “the final safety net” in the event of a breach, as one cyber account executive told Insurance Business America. Your business clients shouldn’t bank on getting a large payout in place of putting endpoint detection and response protocols in place now.
Indeed, without having adequate EDR solutions in place, your clients may have trouble securing cyber insurance at all.
How the ProWriters-Pondurance Partnership Protects Your Clients
Our research at ProWriters reveals too few insurance brokers—only 18%—know whether their business clients have taken proactive EDR steps.
We want to help you raise your own and your customers’ awareness of this critical issue. We also want to help you bring a strong endpoint security solution within your clients’ reach, regardless of their insurance carrier. So we’re teaming with Pondurance, a leading provider of world-class detection and response services, to offer a full year of MDR covering up to 10 of your business clients’ endpoints.
Pondurance brings cloud-based, advanced threat detection and response tools to bear on organizations’ cyber security, rather than buying separate best-of-breed components dedicated to individual clients.
This approach makes Pondurance MDR a more cost-effective choice for a company than spending millions of dollars in staff and expense to try and manage EDR on their own, according to Pondurance CEO Doug Howard.
And Pondurance MDR isn’t a fully automated, “call us if you need us” arrangement, says Howard. Your clients will enjoy peace of mind with 24/7/365 monitoring and threat hunting from multiple Security Operation Center (SOC) locations, where artificial intelligence complements—not replaces—expert human analysts.
When an incident occurs, Pondurance will respond in less than two hours. It will provide an initial analysis of the incident in less than eight. Your clients can get back to business as soon as possible.
Watch this video for more information about the ProWriters-Pondurance partnership.
Or, contact us to schedule a time to talk about how it can add value to the business clients you serve.