May 17, 2020

Five insights on implementing endpoint security in the cloud

Cybersecurity
Cloud
Cybercrime
cybercriminals
Rick McElroy
5 min
Cybersecurity cloud
Today’s “access-everything-anywhere-anytime” mobile data environment is great news for business productivity and performance but on the flipside i...

Today’s access-everything-anywhere-anytime” mobile data environment is great news for business productivity and performance but on the flipside it’s also a huge opportunity for cybercriminals.

The increasing multitude of endpoints represents an ever-expanding playground in which to develop new ways of infiltrating corporate networks and making off with the digital goods. Malware, ransomware and a rising incidence of fileless attacks all constantly chip away at the perimeter while security pros now have to secure an environment that can comprise thousands of potential attack points. So, it’s not surprising that getting smarter about endpoint security is high on the CISO agenda and we’re seeing many turning to the cloud to cope with the scale and complexity of the task.  

At Carbon Black we regularly talk to experienced CISOs who are in different stages of implementing cloud-based endpoint security and we see common threads – some operational, some strategic - running through those conversations. It’s also fascinating how these threads demonstrate the diverse skillset required by today’s CISOs. Here are five key insights that we’ve gleaned that will help anyone moving to cloud-based next generation security:

Before you start - know your data risk

When scoping your endpoint security strategy start by understanding what data is being accessed through your endpoints and its associated risk profile so you can devise an appropriate response in terms of mobile access to that data. This varies depending on the level of regulation in your industry. Linked to this is identifying compliance issues or privacy considerations that must be factored in when increasing endpoint monitoring – particularly if you operate in multiple territories. Having this understanding at the outset means you can devise a system that fits the challenge at hand, avoiding any surprises further down the line.

See also:

Layer it up to complement existing systems

Endpoint security has become a priority due to the expansion and increasing vulnerability of the network perimeter. It therefore makes sense to view moving to next generation endpoint security in the cloud as an evolutionary stage in an organisation’s security strategy. CISOs tell us that they see it as an additional layer that enhances their capabilities by delivering far greater real-time intelligence and visibility of the network, allowing them to detect and mitigate more attacks, faster.

At the same time as adding layers, though, they are aiming to keep a rein on the time and resources needed to manage their systems. This means that choosing products with intuitive management consoles and straightforward reporting is a key priority.

Balance security and system performance

For all that a breach in security could bring an organisation to its knees, try persuading users to tolerate any kind of slow-down in system performance and you’ll soon face a people’s revolt. The vast processing power of the cloud takes away the burden from on-premise systems and ensures that there is no user-detectable impact on performance. For CISOs this is one of the most important pillars in building the business case for moving endpoint security to the cloud.

People are your biggest security weakness – change management is crucial

Speaking of user impact, as employees become increasingly mobile they need to understand their own responsibility to protect the organisation. This is where, on top of all the other skills that today’s CISOs need, change management enters the mix. It is as much a psychological challenge as an operational one to create a security-conscious culture throughout the business.

As the lines between personal and business technology become increasingly blurred this actually represents an opportunity to frame cybersecurity as something that’s important across all aspects of our online lives: a security mindset shouldn’t be something you switch off when you leave the workplace. Education programmes that help users safeguard their home systems as well as the ones they use for work have more resonance and lead to smarter, more secure behaviour across the board, which has got to be a good thing.

Another angle is to make users feel a valued part of security. Explaining what the system is designed to do and how what’s being asked of them - e.g. adopting two-factor authentication – actually protects the network is a great way to create a sense of mission around security. CISOs also favour phased rollout – so users can receive adequate support during the adoption cycle and frustration is reduced.

Bring it to the board

Cybersecurity has shot up the board agenda thanks to a proliferation of high profile ransomware and DDoS attacks and the ever-tightening regulatory environment. Basic generalisations about the threat environment don’t cut it with the board anymore as directors want to know to what degree their business is under attack and what management plans to do about it.

CISOs are finding themselves more frequently invited to present to the board and this is a great opportunity to secure ongoing buy-in for endpoint security. Boards are motivated by understanding risk, so a powerful approach is to use the reporting capabilities of cloud-based security to demonstrate the number of security incidents that the system is encountering and neutralising on an ongoing basis. This offers an overall picture of the threat environment and demonstrates the importance of swift mitigation and forensic analysis of attacks to inform future strategy. With this evidence the board is better-positioned to assess risk in relation to business objectives and it is putting CISOs in a stronger position to bid for budget to protect the business.

There’s no doubt that implementing endpoint security in the cloud requires CISOs to draw on many very different areas of expertise: data management, privacy and compliance, business case building and change management to name just a few. What I take from our conversations is the knowledge that we, as solutions providers, need to support the whole process from start to finish – from the business user to the boardroom. At Carbon Black and we bring our expertise to complement that of our customers, protecting their business and making sure they reap the huge advantages of moving next-generation endpoint security to the cloud.

Rick McElroy, Security Strategist, Carbon Black

Share article

Most popular

This block is broken or missing. You may be missing content or you might need to enable the original module.
Jul 26, 2021

Five9: the cloud software industry leaders acquired by Zoom

five9
Cloud
contact centre
Catherine Gray
2 min
Following the announcement of Zoom buying cloud company Five9 for almost $15billion, we take a deeper look into the company’s history and success

Five9 is the leading provider of cloud contact centre software. Driven by a passion for transforming contact centres into customer engagement centres of excellence, Five9 have a deep understanding of the cost and complexity of running a contact centre.

Founded in 2001, Five9 help contact centres of every size create powerful connections. 

The company has over 20 years of cloud contact centre experience, reaches over 2,000 customers worldwide, and annually reaches over 7 billion customer interactions. 

Built on a highly reliable, secure and scalable cloud platform, Five9 makes it easy to rapidly trial and deploy new services. Its software also future proofs businesses by supporting AI and other emerging technologies.

Utilising cloud capabilities for improved customer experience

Offering software that creates more successful customer interactions, Five9’s cloud contact centre software increases contact centre productivity. This is without the capital expense and maintenance costs of premise-based systems.

Built on flexible architecture that adapts to a company’s changing needs, Five9 customers benefit from a secure, reliable and scalable contact centre.

Five9’s cloud contact centre platform also gives customers access to an extensive ecosystem of partners. Its platform can be enhanced with leading customer relationship management, analytics, workforce management, performance management solutions and telephony providers.

By utilising cloud technology, Five9 customers have access to the latest capabilities through no-touch, non-disruptive real-time upgrades.

Five9’s recognition for industry-leading software

As a leading cloud contact centre software provider, Five9 has been recognised by leading industry publications and organisations for its success and innovative solutions.

For the fourth consecutive year, Five9 has ranked as a global leader for The Aragon Research Globe for Intelligent Contact Centres 2021. 

Five9 was also one of only three providers to earn the MetriStar Top Provider award when evaluated as part of Metrigy’s global 2021-2022 Workforce Optimisation and Engagement research study.

Five9: Zoom’s first major acquisition

Zoom Video Communications has agreed to buy Five9 for about $14.7bn, marking the company’s first major acquisition.

This deal with Five9 will help expand the company’s Zoom Phone offering.

“I believe the combination of Zoom and Five9 will be a game-changer. Joining forces will create a transformative opportunity for two strong companies with complementary capabilities and shared values,” said Five9’s CEO, Rowan Trollope.

With Zoom’s reach and brand, the acquisition will help Five9 propel forward and help the company deliver on its goal of significant international expansion

Share article

Most popular

This block is broken or missing. You may be missing content or you might need to enable the original module.