The corporate endpoint is a constant battle between cybersecurity white hats and criminal attackers. According to one study from the Ponemon Institute, 68% of organizations were victims of an attack on the endpoint in 2019. The risks and costs associated with undetected threats are immeasurable. Organizations need to detect and respond immediately before any significant damage is done.
In order to do this, CISOs must look beyond the endpoint to also include email, servers, cloud workloads and networks. This is the value of Trend Micro’s XDR platform. We heard feedback on this strategy recently, as Trend Micro was named a Leader in The Forrester Wave™: Enterprise Detection and Response, Q1 2020.
Under fire and over-stretched
Enterprise IT security teams are under unparalleled pressure. On one hand, they’re bombarded with cyber-attacks on a massive scale. Trend Micro detected and blocked over 52 billion such threats in 2019 alone. On the other hand, they’re facing a range of continuously evolving black hat tools and techniques including fileless malware, phishing, and supply chain attacks, that could lead to data theft and service outages. The stakes couldn’t be higher, thanks to an ever-tightening regulatory regime. All of this must be done with workforce challenges: the current cyber skills shortage for North American firms stands at nearly 500,000 workers.
These are the kinds of challenges facing Trend Micro customer MedImpact Healthcare Systems, the largest privately held pharmacy benefit manager (PBM) in the US. Processing more than one million healthcare claims daily, MedImpact must protect two primary data centers, three call centers staffed 24/7, and multiple private network routing centers — all to the strict compliance requirements of HIPAA, PCI DSS and other regulations.
As Frank Bunton, VP, CISO for MedImpact knows, effective endpoint detection and response (EDR) is vital to modern organizations. “EDR accelerates the threat analysis process so we can get to the solution faster,” says Bunton. “Speed to resolution is critical because we see attacks every day on just about every network.”
But MedImpact is similar to a lot of other organizations today in that it also appreciates the need to go beyond the endpoint for critical cross-layer detection and response. “XDR gives us the added confidence that our organization is protected on all fronts. If an endpoint detects a problem, it automatically uploads the suspect object to a tool that analyzes that problem and fixes it. By the time we are aware of an issue, the issue is resolved. There is no way we could manage this much information without extended security automation,” says Bunton.
The future is XDR
This is where XDR comes in. It has been designed to look not just at endpoint detection and response, but also to collect and correlate data from across the organization, including: email, endpoint, servers, cloud workloads, and networks. With this enhanced context, and the power of our AI and expert security analytics, the platform is able to identify threats more easily and contain them more effectively.
This matters to organizations like MedImpact, whose key challenge was “finding security solutions that could communicate with each other and share valuable data in real time.” XDR has visibility across the entire IT environment to detect earlier and with more confidence. It provides a single source of the truth and delivers fewer higher-fidelity alerts to enhance protection and maximize limited IT resources.
But don’t just take our word for it. Forrester gave us a perfect score for product vision, security analytics, performance, market presence and much more. “Trend Micro has a forward-thinking approach and is an excellent choice for organizations wanting to centralize reporting and detection with XDR but have less capacity for proactively threat hunting,” the report concluded.
To find out more… check out the Forrester report on leaders in this space.
Learn more from MedImpact’s success story.