Check out Keypoint Intelligence’s Cybersecurity page!
In this series, in conjunction with Agile Cybersecurity Solutions (ACS, our cybersecurity testing and consulting partner), Keypoint Intelligence investigates the many facets of cybersecurity to deliver insight and strategy. On every Tuesday moving forward, you will have access to free tips and tricks, helpful hints, as well as solutions and tools to help you navigate the potentially treacherous waters of cybersecurity.
It’s Halloween, and what’s scarier than a poorly managed endpoint? Not much, really. Inadequate endpoint and Internet of Things (IoT) management can leave your organization vulnerable to all sorts of cyberattacks, from data breaches to malware infections and ransomware attacks.
But it’s not just your organization that’s at risk. Poor endpoint management can also put your customers, employees, and partners at risk. If a hacker gains access to a poorly managed endpoint, they could use it to steal customer data, launch phishing attacks against employees, or even disrupt your business operations.
For example, Marriott’s cyber infrastructure was breached and over 500 million guests were affected. The attackers got into Marriott’s computer system through an inadequately protected data server. The attackers stole personal information from guests including names, addresses, passport numbers, and credit card numbers—you know, the important stuff. Experts found that the attackers had been in Marriott’s system since 2014, but no one had noticed until September 2018. This created a massive issue for the company as they had to pay a fine to the UK government for not protecting guest data and they were also sued by some of the guests whose information was stolen.
Other scary stories of inadequate endpoint management include:
- The ransomware attack that crippled a hospital: In 2016, a ransomware attack crippled a hospital in California. The attack encrypted the hospital's files and demanded a ransom payment of $3.6 million. The hospital was forced to pay the ransom to regain access to its files.
- The data breach that exposed millions of customer records: In 2017, a data breach at Equifax exposed the personal information of over 147 million Americans. The breach was caused by a vulnerability in Equifax's website that hackers were able to exploit.
- The IoT attack that took down a power grid: In 2016, a hacker was able to take down a power grid in Ukraine by exploiting vulnerabilities in IoT devices. The attack caused a blackout that affected over 225,000 people.
These cyberattacks put in stark relief the need for robust endpoint management. This can be achieved by keeping software up to date, using strong passwords, being cautious about what applications are installed, and (most importantly) by deploying an endpoint detection and response (EDR) solution. EDR is a cybersecurity technology that continually monitors and analyzes endpoint data to detect and respond to anomalous and potentially malicious activity. EDR solutions collect a wide range of data from endpoints, including process execution, file changes, network traffic, and user behavior. This data is then analyzed using a variety of techniques (including machine learning and artificial intelligence) to identify suspicious activity. If an EDR solution detects anything, it can take a variety of actions, including:
- Alerting security teams
- Quarantining or deleting malicious files
- Terminating malicious processes
- Blocking malicious network traffic
- Isolating infected endpoints
Keypoint Intelligence Opinion
Inadequate endpoint and IoT management can have serious consequences for any organization and its customers. Comprehensive endpoint management and EDR solutions can help to protect organizations from endpoint and IoT attacks by tracking and managing all devices, ensuring that devices are running the latest security patches, identifying and patching security vulnerabilities, controlling what applications can be installed and run on devices, as well as monitoring devices for suspicious activity and responding to attacks in real time. By deploying an EDR solution, you can help to protect yourself from endpoint and IoT attacks.
Happy Halloween!
Browse through our Industry Reports Page (latest reports only). Log in to the InfoCenter to view research, reports, and studies on cybersecurity through our CompleteView Advisory Service. If you’re not a subscriber, contact us for more info by clicking here.
Keep Reading
The Insider’s Guide to Cybersecurity: Planning for Cybersecurity Awareness Month
The Insider’s Guide to Cybersecurity: The Power of Cybersecurity Awareness Training Programs
The Insider’s Guide to Cybersecurity: Crafting Your Cybersecurity Incident Response Plan
The Insider’s Guide to Cybersecurity: Endpoint Security Management