Many will advocate that the cybersecurity battle is fought at the endpoint. Completely secure these devices and the attacker will not be able to advance their attack. This belief has fueled a new interest and focus on moving from endpoint protection (EPP) to endpoint detection and response solutions (EDR) as well as managed detection and response (MDR) solutions. The threat landscape is rapidly changing, and organizations’ defenses need to change with it. The latest generation of sophisticated attackers have proven that they can evade anti-virus solutions and bypass traditional perimeter defenses. Given their ability to routinely compromise networks, it has become more important than ever to layer in a “Defense in Depth” strategy that includes prevention, detection, and response. In many cases, predictive measures are also becoming a factor, increasing the need for collection of threat intelligence, which may have been discarded with prior prevention-only approaches.
Attacks on Point-of-Sale (POS) systems continue to occur at staggering rates and retailers remain exposed as vulnerabilities in point-of-sale systems afford weak links for attackers to exploit. According to the 2018 Verizon Data Breach Investigation Report (DBIR), of the more than 53,000 incidents examined, 2,216 were confirmed data breaches. The Gemalto Breach Level Index, shows retail at 11% of all breaches in 2017, in 3rd place, only slightly behind Financial at 12%, and Healthcare at a staggering 27%. These findings underscore that cybercrime continues to have a far-reaching impact on businesses across all regions and industries and retail remains squarely in the attacker’s cross-hairs.
The bad news is that cyber security threats are at an all-time high, but the good news is that security awareness is too. It has the attention of every boardroom in the country; the awareness around security is the highest I’ve seen it during my nearly 30 years in business.
So, what does that mean for CIOs and CISOs? Most importantly, more awareness means more dollars in the budget dedicated to security. The numbers reflect that. Global IT security spending will grow from $71.1 billion last year to a record $76.9 billion in 2015, according to Gartner.