Cybersecurity threats have become one of the biggest risks facing companies in 2022 – and this is only set to get worse.
HP research shows that cyberthreats have grown by a staggering 300% year on year (YoY), with close to three-quarters of companies reporting they have suffered a breach of one kind or another.
“Threats are evolving at a rapid rate, with cybercriminals using new methods to try to evade the specific security protections used today,” says Ricardo Duarte: Lead Computing Technical PreSales Consultant, HP Inc. “This poses a significant challenge for traditional legacy security protections not capable of detecting or protecting against the progressive threat evolution.”
An HP study indicates that end user threats are increasingly coming from three directions:
* There has been an increase in firmware attacks – these are typically below the operating system where traditional detection-based anti-virus protection is not able to detect or remove.
* Ransomware attacks are on the rise – these are used to extort payment and/or make the encrypted data unusable by the company or individual.
* Malware is undergoing a massive evolution – these threats are being designed to bypass or evade traditional detection methods, even using technologies like built-in artificial intelligence (AI) to avoid detection.
For many organisations, this evolving threat landscape is exacerbated by the emerging hybrid working trend.
“One of the most common conversations HP is having with customers is about hybrid work strategies,” says Duarte. “Employees are no longer working from the confines of the managed and secure IT office location. IT security teams have the challenging task of protecting users working outside the company environment, and with protecting and securing the organisation’s data and physical assets.”
These challenges are driving the need for better endpoint security, something that is not a new concept at HP. “HP has a rich 20-year history in endpoint security innovation,” says Duarte. “Today we say that businesses and users need to be aware of all possible threat vectors, which are the measures the attacker takes to conduct an attack on your system. To protect against these vectors, organisations need to be secured inside, above and below the operation system.”
Which is why HP Wolf Security systems provide telemetry to HP on the threat landscapes being experienced today, Duarte explains. “We release a public quarterly report that discusses our most recent findings based on the telemetry we receive from our endpoint security controllers.”
The HP Wolf Security Threat Insights Report reviews notable threats, malware trends and techniques identified by HP Wolf Security’s customer telemetry.
Securing the endpoint
Wolf Security technology offers resiliency directly from the core of the system. “It does this by having a dedicated hardware embedded controller which acts as a cryptographically signed endpoint security controller (ESC). This offers the highest level of detection, protection and automatic remediation of threats that typically go undetected when running below the operating system,” Duarte says.
“We call this underlying ESC protection HP Sure Start, and it is embedded on all our commercial-grade platforms. It lays a strong secure foundation for a resilient system.”
But full resilience is about recognizing the potential that security defenses could be compromised, and having a plan in place to recover, he adds.
A fully resilient PC is able to:
* Protect against attacks – to keep them from happening in the first place.
* Detection of attacks – you cannot resolve a security issue if your system protection never detects the threat in the first place.”
* Recovery from attack – getting back up and running within seconds, with no real end-user interventions required.
HP Sure Click has a big role to play when users inadvertently click, and open or execute malicious attachments. It prevents potential threats by using a containerised method of isolation that doesn’t allow the malware or ransomware to affect the system. Users can simply close the attachment or browser tab and the threat will be eliminated by the container termination.
“It remains important to also mention that under Wolf security we have features that offer real value and peace of mind to customers using our technologies,” says Duarte.
“Some of those feature technologies like HP Tamper Lock, which provides protection from a physical intrusion perspective, including tampering with components of a notebook or desktop PC.
“HP Sure Sense is positioned as a NGAV (Next Generation AntiVirus) that provides protection against seen and also never-before-seen malware called Zero-Day threats. Sure Sense is Powered by mature behavioural analysis and AI/deep learning technology with offers out-of-the-box AV protection.
“HP Sure Admin is an advancement of cryptographically secure BIOS management solution. HP Sure Recover allows individual end users or organisations a secure mechanism to re-install either the HP factory operating system or the organisation’s corporate image from the cloud.
“This is ideal for today’s distributed workforce and stretched IT recourses,” says Duarte.
Full protection
Users are protected right out of the box with HP Sure Start technology, which acts as a solid foundation of hardware-level protection against malicious threats below the operating system.
“Wolf Security also offers HP Sure Click and HP Sure Sense, ready and functional out of the box with an OEM- factory supplied operation system,” says Duarte.
Even if the IT administrator removes the operating system and loads their own approved operating system, users will be protected by simply downloading and installing HP Sure Click and HP Sure Sense from the HP.com website. “Alternatively, the IT or security team can add HP Sure Click and HP Sure Sense into their company operating system build to ensure all users have the required security protections in place,” Duarte explains.
Businesses need to understand their endpoint security posture
HP Professional Services offers a range of security services that provide customers with insights into its endpoint security risk view, processes, and solutions.
“We believe organisations need to have an open security assessment conversation which helps to view customer security posture from an external point of view,” Duarte says. “We recognize that not all customers have resources and expertise in this area, and we are ready to assist them with security services and solutions.”
The HP Security Diagnostic Assessment helps in understanding individual requirements and gaps that the IT security team need to be aware of.
“The detailed report will show areas that need attention within the organisation,” Duarte explains. “The security recommendations report will be validated, then implemented to address the current security concerns and protections that need attention.”
Working with channel partners
HP Inc works with its resellers through the framework of the HP Amplify Partner Program, which empowers partners to sell, train and engage with end users.
“It also provides tiered levels of engagement where, through deeper engagement with HP on our services model, we unlock further rebates and activities,” says Duarte. “Partners can deliver certain services directly with the end customer either through our Service Delivery Program for hardware, or support end users in managing their software through the comprehensive Tech Pulse platform.”