Bitdefender expert on building a resilient enterprise security strategy

Enterprises are becoming increasingly concerned with the future of their security strategy post-pandemic. Dan Pitman, Director of Product and Technical Marketing at Bitdefender, discusses the importance of navigating new cybersecurity solutions with an expanding hybrid and remote working workforce.

Businesses are investing in improving their cybersecurity after the pandemic – why is this?

Businesses have increased their investment in improved cybersecurity post-pandemic due to numerous reasons. There’s the obvious one – which is where complexity went off the scale. As people moved to work from home, companies had to move to a more digital way of working, not just with their employees but also in their business practices. This necessitated an increase in their Digital Transformation velocity and the Digital Transformation for their end-users and within the organisation itself. So, complexity is essential from a cybersecurity point of view because complexity drives risk when we think about cybersecurity. So, if we have more devices, more network connections or more users, then that means that there is a higher risk because it’s harder to manage and understand all the different use-cases that we might see.

How have organisations adapted to an increased need for a more robust security strategy following the acceptance of a hybrid work culture?

We’ve seen more acceptance that businesses need a more profound cybersecurity solution; with that, organisations have wanted to broaden their coverage to other areas. This can mean an increased level of detection on the endpoint, so more complex analytics using Machine Learning, for example, but it can also mean more visibility and coverage, which are very important.

If you think about hybrid working, users are more likely to use different applications than before. Additionally, they might be moving data around differently than before, so companies need to keep an eye on the systems they’re managing. As such, having consolidated threat detection across all those areas has become a key focus for many enterprises and we definitely see that with our customer base wanting to increase their coverage beyond the endpoint.

The other side of that is that when we think about those hybrid workers, they’re connected to corporate networks through private Internet Service Providers. This means that enterprises need to understand not just the business security landscape but also the consumer security landscape. For me, working at Bitdefender is nice because we have both sides of that and we’re able to understand that so our business cybersecurity solutions can learn from the consumer division.

Can you talk us through how businesses can adopt a more preventative cybersecurity approach?

Sometimes I like to start some conversations with a challenging point of view, that when we think about prevention versus detection and response, the only real difference is the speed of the response.

If we think about preventative controls and security, especially prevention from an endpoint point of view, then normally, there’ll be some detection that occurs and then we’ll stop the attack. An automated response from detection and response helps people prevent attacks or potential security incidents from continuing. Then when we move up the cyber kill chain, we focus on prevention and the early stages of an attack. We want to try and stop the attack from starting in the first place, so we must have good risk analytics and a deep understanding of the risks that present themselves for our users and on our systems.

What are the consequences for organisations that don’t invest more in threat prevention or detection response solutions?

From a business point of view, the impact can be either in reputation or revenue. Either way, one will affect the other; for example, if you have an impact on reputation, it will impact your revenue in the midterm. So here we can think about things in a slightly different way – so cyber-resilience. I think cyber-resilience is helpful to talk about in this context because it stands up on a single premise: that you should assume that at some point your systems are going to be breached and understand how to cope with that. This is useful because it means we look beyond prevention and detection.

We can think about resilience in several ways. Some people will talk about resilience as taking a punch but I prefer asking if you can weather the storm. In the event of a cybersecurity incident, that is a sustained activity that a business has to undertake. You need good prevention and to stop attacks as well as possible. Furthermore, you need reliable detection and response capabilities to protect things your prevention software might not pick up. Finally, you need robust cybersecurity so you can recover quickly. This is why I think cyber-resilience is a valuable term as a wider superset of things beyond just cybersecurity. Ultimately, ensuring cybersecurity is tied into all the departments in a company and employees can understand how they can shore up defences and survive a cyber incident.

Why is unified endpoint security so important for organisations today?

I think unified endpoint security relates to what we’ve been talking about so far, so being as complete as possible in your approach to cybersecurity and having broad coverage in a hybrid world.

Nowadays, it’s not just about having Endpoint Protection platforms in place but also making sure that you have more intelligent detection systems in place, the ability to respond to an incident and having your people know what to do in the event of a security incident.

How does Bitdefender create enterprise security built for resilience?

Bitdefender is focused on ensuring customers can consume services and technology appropriately by having the basics. Customers benefit from both risk analytics and endpoint protection by not just using traditional measures to detect malware and ransomware but also using more intelligent mechanisms.

With the offering of additional technologies, for example, new routes for security teams to interrogate the events being raised by a system and broaden that coverage to their network or Internet cloud platform.

Clients without security teams can be provided a managed detection and response service. Experts within Security Operations Centres using the Bitdefender solution will take that telemetry and build bespoke baselines for each customer, giving the ability to treat unique threat hunting and further detection measures. Bitdefender ensures that the choice is appropriate for the organisation and provides the best chance of enabling their resilience.

What results could an organisation/customer of Bitdefender expect?

Our endpoint protection solution does exceptionally well. If we look at AV-Comparatives, we can detect some of the highest rates within the industry. So on that basis, when you think about getting rid of the potential problems, customers can feel sure that we will provide a Return on Investment (ROI).

When we’ve moved into services like managed detection and response, customers expect – and continue to expect – our help to improve their security posture and maturity, e.g. looking at their environments and providing them with ongoing guidance to grow their defences.
