Endpoint 911: Why Organizations Need Continuous Insight, Accelerated Risk Prioritization and Incident Response

There are about 240 million calls to 911 every year in North America, according to the National Emergency Number Association. Of these calls, it is estimated that roughly 15 percent to 20 percent are nonemergencies. Operators have only a few seconds to assess the risk associated with the call, pinpoint the caller’s location and send emergency services to the scene. With only limited resources, they have the critical task of ensuring they dispatch emergency services to the calls that need the most urgent help first.

Cyberthreats might not be life-threatening, but they still need to be stopped before they cause significant financial and reputational damages to an organization. You need a security system that can detect an attack, prioritize risks and respond within minutes to shut down an attack or vulnerability that could compromise your endpoints and data.

The following is a five-step process powered that will ensure you have an effective system that can detect and respond to advanced threats in minutes:

1. Continuous Insight Into Every Endpoint

Your data is no longer limited to on-network endpoints. As global organizations and mobile workforces grow, you need to continuously protect and monitor every endpoint, no matter if it is located on or off your network, in real time.

2. Enforce Continuous Policy Compliance

Enforcing continuous compliance on your endpoints with security and regulatory policies ensures there are no configuration drifts that can open up windows of opportunity for cybercriminals to take advantage of and infiltrate your data. Traditional scan-based technologies need to be traded in for a continuous compliance model.

3. Stop Malware Proactively

Antivirus, OS and application vendors require knowledge of malware before a signature or patch can be issued. IBM Trusteer Apex prevents malware before signatures or patches are created by applying an integrated, multilayered defense that breaks the attack chain and preempts infection. This keeps you one step ahead of cybercriminals.

4. Accelerate Risk Prioritization

The ability to prioritize the most important risks on your endpoints is increasingly crucial. You must be able to identify the most vulnerable endpoints that need to be fixed first to prevent or stop an attack that can cause widespread damage. Even more compelling is the ability to accelerate this risk prioritization, since every minute that passes during an attack can exacerbate the damage caused.

Having continuous insight into the compliance status of all your endpoints allows the event management system to only focus on vulnerabilities and risks that apply to your endpoints, thereby accelerating the time to identify and fix the most important problems first.

5. Real-Time Incident Response

As with any security system, the ability to respond to a threat within minutes is as crucial as being able to identify and pinpoint the threat. A real-time incident response system lets you do just that. IBM BigFix, with its automatic quarantine and custom remediation capabilities, gives you the ability to find and fix problems within minutes, no matter the type, location, connectivity or bandwidth of your endpoint.

Infirmary Health System

Given the black market for stolen user data and personal health records, the need to secure data is even more prevalent in the health care space. A health record is sold for an average of $50 on the black market, while a stolen Social Security number can cost as little as $1.

For instance, at Infirmary Health System, the largest not-for-profit hospital in Alabama, it often took IT administrators up to two months to apply software patches or deploy new applications across the organization’s more than 4,000 work stations. Likewise, consolidating and correlating security events from disparate data sources for investigations and auditing took days or weeks.

Working with ESM Technology, Infirmary Health System deployed a comprehensive security intelligence and endpoint management solution from IBM that uses advanced analytics to automatically identify and rank valid security threats while responding to them in real time to remediate vulnerabilities and stop cyberattacks.

Image Source: Flickr

Rohan Ramesh

Product Marketing Manager

Rohan is the Senior Product Marketing Manager for IBM Watson for Cyber Security and QRadar Advisor with Watson. He is responsible for the worldwide marketing strategy and execution of Watson for Cyber Security. Rohan is experienced in marketing strategy, digital marketing, SEO, social media marketing, content strategy and enterprise level application development. He holds a Master’s degree in Business Administration and a Bachelor’s degree in Engineering with over 8 years of experience in the IT industry.​