Traditionally, organisations have relied on endpoint detection and response (EDR) to ensure the integrity of their perimeter defences. But with malicious users focusing their efforts on more targeted attacks, XDR (X detection and response) has emerged as a more effective way of combating cyber threats.

Indi Siriniwasa, vice-president: sub-Saharan Africa at Trend Micro

The ‘X’ points to the variety of entry points into the organisational network. So, by definition, XDR can detect and respond to attacks wherever they may occur. This includes email, network, web, and cloud data. Beyond providing for better protection, XDR can also translate into discernible business benefits.

Complete visibility

XDR provides visibility into the entire attack lifecycle, from infiltration, to movement across the network, to exfiltration, and back to the source of the attack. In turn, this gives decision-makers a better way of preventing sensitive data from leaving the network, or critical systems from being compromised, either of which could result in severe business disruption, ransomware, or worse.

However, for this to work, a business must use a security vendor that has solutions spanning the entire network and all likely attack vectors. Furthermore, these must be integrated to avoid having to manage separate products and potentially losing sight of the overall security landscape of the organisation.

XDR solutions must support threat intelligence and data analytics. Because this approach is typically done from a managed services perspective, it can be automated by leveraging the computational power of the cloud provider to use artificial intelligence (AI) and machine learning.

XDR is a radically different way of fighting cyberattacks, which is why companies must move away from traditional security practices. Embracing this more consolidated cyber security methodology means fewer vendors are involved, thereby reducing the security silos of the past.

Silos be gone

It is in the removal of these silos where XDR comes into its own.

Instead of providing the virtual glue to tie these [silos] together, XDR breaks them down completely and centralises the data from cyber security solutions. No longer do companies have to rely on separate pieces of data from individual solutions, spend time analysing them and then work out how best to defend themselves, a process that consumes significant resources, not to mention mounting costs.

Another risk is that more sophisticated attacks will likely be missed entirely, only coming to light (if ever) after the data has been compromised or stolen.

XDR gives the organisation the capability of dealing with these advanced attacks through the use of AI, machine learning and expert analytics. Suddenly, the company can be proactive with its defensive measures instead of reacting after the fact.

With XDR providing protection for all entry points into the company network, it is time for organisations to start thinking differently and embrace this more advanced way of shoring up their cyber security.