The Importance of Endpoint Detection & Response (EDR)
Mar 29, 2022
As cybercriminals continue to evolve, their attacks have become more sophisticated. Now more than ever endpoint targeting has become more prevalent. Endpoints include not only desktops and servers, but laptops, tablets, smartphones and even smartwatches. For some IT departments, endpoint management can be in the thousands which makes this a prime target for infiltration. Even more critical is the fact that traditional antivirus software is no longer enough to mitigate your cyber risk – enter Endpoint Detection & Response (EDR) solutions.
What is EDR?
Endpoint Detection & Response (EDR) is a security solution leveraging real-time continuous monitoring and collection of an organization’s endpoint data to detect suspicious system behavior.
What are the benefits of EDR?
Research suggests the average time between a breach and actual detection is over 200 days! EDR solutions help eliminate human response delays through its continuous monitoring which allows for remediation through predictive analysis and advanced threat protection. Once it detects an issue, it automatically takes action to quarantine and remove the threat all while alerting appropriate human administrators to prevent a potentially devastating and costly cyber incident.
- Enhanced visibility into your endpoints and allows for faster response time
- Post-breach detection, remediation, and response
- Machine learning and built-in analytics tools used to identify new and emerging threats
- Prevention of costly intrusion – an IBM study found those organizations that contain a breach in under 30 days save more the $1million.
How can WVCT Help?
WVCT’s Managed Services through DMC Technology Group includes advanced Endpoint Detection & Response (EDR) software that provides you the peace of mind in knowing your greatest assets are being monitored 24×7 against the latest cyber threat. Proactively allowing you to minimize lost data and valuable production time.
For more information, check out our managed services solutions here.
Categories: Risk Services
New Mandatory Requirement For Cyber Insurance
Oct 19, 2021
During the past year, ransomware attacks and other cyber breaches have skyrocketed leading to significant changes in the cyber insurance marketplace. Historically, obtaining cyber insurance was simple and renewals were a matter of updates based on major changes within an organization. Fast forward to now and notable shifts in insurance policies and regulations are taking shape. Underwriters are now asking for more information related to cyber controls and IT risk management.
Multi-Factor Authentication (MFA)
Multi-Factor Authentical (MFA) is now a minimum requirement for cyber insurance through most carriers. The message, if you have not incorporated MFA into your current IT environment, your organization may be considered a high risk which would disqualify you from coverage.
MFA provides an additional layer of security above and beyond your traditional password protection. It requires users to validate their identity with additional credentials. These credentials could be the answer to a security question, the click of a button in an app for approvals, or even a biometric identifier such as a fingerprint. This extra layer of protection stops attackers as they won’t be able to access an account without all required credentials, even if they have stolen a password. The additional proof points confirm the person attempting to enter the system is truly who they say they are.
According to both Microsoft, ‘up to 99% of cyber identity attacks can be prevented with MFA’. Google has also supported this with their research ‘which shows that simply adding a recovery phone number to your Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks.’
If you already have cyber insurance you more than likely will find stricter requirements during your renewal. If you are in the market for cyber insurance, you will need to incorporate MFA before you seek coverage. Carrier data proves those without MFA are at a much higher risk for extortion and therefore coverage is not obtainable.
Our WVC Technologies team can assist with your MFA initiatives to help you: one, qualify for cyber insurance quotes from multiple carriers, and two, help reduce your claims activity which can improve your insurance pricing.
Connect With Us.
Greg Gomach, WVC Technologies Senior Client Rep.
Categories: Risk Services
SBA Data Exposure Highlights the Need for Cybersecurity Programs
Apr 23, 2020
On April 21, 2020, news sources* revealed the Small Business Administration (SBA) notified 8,000 applicants of the Economic Injury Disaster Loan (EIDL) program of a data exposure on the application website. The exposure, which occurred briefly on March 25, may have permitted applicants to view Personally Identifiable Information (PII) of other applicants. Current reports reveal the disclosure included names, Social Security numbers, tax identification numbers, addresses, dates of birth, emails, phone numbers, marital and citizenship statuses, household sizes, incomes, financial and insurance information.
If you learn you have been impacted by the data exposure, the Federal Trade Commission has provided specific guidance with checklists on their website for Identity Theft. The actions described in their checklists are based on the type of data loss. Please refer to this website on how to protect yourself.
It is unfortunate to have a data exposure during an already stressful time, but it further demonstrates the continued need for cybersecurity programs. WVC Technologies is here to assist you in making sure your company is operating securely whether it be updating your remote working policies, implementing a security practice, or preparing a business continuity plan.
*CNBC was the first to report on the data exposure from the SBA. For a full report, please see this article.
Connect With Us.
Tiffany Pollard, CISA
Risk Services Practice Leader
Categories: Risk Services