Issue link: https://insights.oneneck.com/i/1458399
CHAPTER 4 Leveraging Unmatched Threat Protection 53

These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

FIVE REQUIREMENTS FOR EFFECTIVE ENDPOINT PROTECTION

Attackers must complete a sequence of events, known as the attack lifecycle, to accomplish their objectives, whether stealing information or running ransomware. Nearly every attack relies on compromising an endpoint to succeed, and although most organizations have deployed some type of endpoint protection, infections are still common.

Here are five key requirements for effective endpoint protection:

• Fighting threats with cloud-based malware analysis. Today's complex threat landscape — combined with the diversity, volume, and sophistication of threats — makes effective threat prevention challenging. This problem is compounded by the challenge of detecting never-before-seen malware and exploits in addition to identifying known malicious content. To address these sophisticated, targeted, and evasive threats, endpoint protection must integrate with shared, cloud-based threat intelligence to learn and evolve its defenses and enable deep analysis to rapidly detect potentially unknown threats.

• Prevent ransomware. Although ransomware is not new, major attacks like WannaCry, Petya/NotPetya, and TrickBot have shown that traditional prevention methods are ineffective against advanced ransomware. Attackers have evolved their approach and use of malware to become more sophisticated, automated, targeted, and highly evasive.

• Hit pause on "Patch Tuesday." Thousands of new software vulnerabilities and exploits are discovered each year, requiring diligent software patch distribution by software vendors on top of patch management by system and security administrators in every organization. This regular stream of patches and updates is affectionately known as "Patch Tuesday."

(continued)