Intelligent Tech Channels Issue 62 | Page 34

FUTURE TECHNOLOGY

Why endpoint protection and Zero Trust are the future

As cyberthreats continue to increase, it is critical for organisations to ensure greater protection and smoother experiences for their users. Rob Allen, VP of Operations for EMEA at ThreatLocker and a seasoned IT professional with over two decades of experience, speaks to Intelligent Tech Channels’ Arrey Bate about how organisations can ensure a seamless approach to cloud solution adoption and reduce their exposure to attacks.
Rob Allen, VP of Operations for EMEA at ThreatLocker

What are some of the strategies and products used by organisations to protect their networks and endpoints today?
For a long period of time, people built their security entirely around antivirus. That means they assumed they were protected from threats if they had an antivirus working. But several cyberattacks have proven that security based on antivirus alone is limiting, as it functions on definitions and signatures.

So, people moved to use EDR, MDR and XDRs, which are tools used for detection and response. These tools don’t depend on definitions and signatures; they are based on behaviours and heuristics and are fundamentally more successful than antivirus because they are good at stopping and blocking known threats. But the limitation is that recent threats come from both known and unknown destinations. Zero days are a great example of threats like that, as hundreds of new pieces of malware are released every day.
So, while EDR is in many ways better than antivirus, it still provides little security from unknown threats. This clearly demonstrates the evolution in strategies and products organisations have used to protect their networks and endpoints. Today, Zero Trust is the answer to safely securing all endpoints and protecting networks and data from both known and unknown attacks.
What are some of the challenges to endpoint security deployments?
The most common challenge is in configuring and setting tools properly. An EDR is only as good as its configuration, and we have seen multiple examples of good tools that are misconfigured to offer little or no protection.
Another challenge is what I term ‘notification fatigue’. These tools are configured to alert when something is going wrong and will usually produce two to five alerts daily. In cases where more than one hundred alerts are produced per day – and these alerts must be checked for security reasons – this produces notification fatigue. Whether responses are automated or manual, these responses must be investigated. So, notification fatigue is a major challenge with the traditional approach.
What would you say is the best approach to implementing the right endpoint security strategy?
My experience serving multiple brands across the world has taught me that EDR and AV each have their place in providing different levels of security, and that’s where a lot of organisations may get compromised.
My belief is that combining these approaches with its controls produces a sweet spot from a cybersecurity perspective. And this is where Zero Trust comes in, where detection and controls are based on binary decisions. So, it comes down to rules,