There are available tools that companies can tap into to combat cybersecurity threats, one of which is XDR.
Global companies are constantly facing the challenges of cyber threats, particularly phishing scams. Fortunately, there are available tools that companies can tap into to combat cybersecurity threats.
In this Q&A, Jonathan Tan, Managing Director, Asia, Trellix, shares insights on XDR and how it can help CISOs protect their organizations from cyber threats.
Can you briefly discuss what extended detection and response (XDR) is?
Tan: Simply put, XDR is an evolving security category that can unify threat prevention, detection, and response. XDR solutions ingest data from tools in an organization’s security technology stack to create greater context for Security Operations Center (SOC) teams to perform faster threat detection, investigation, and response. It is the natural evolution to EDR (Endpoint Detection and Response), which was formerly the industry standard.
To better illustrate, think of XDR as a three-legged stool. If you only have detection and response capabilities, it is like having a stool with only two legs – and you need all three legs for the stool to stand up and function properly. The ‘third leg’ here is data protection beyond the endpoint, which provides a comprehensive overview of the organization’s security infrastructure. Without it, one will miss a vital piece of the puzzle.
How can XDR help CISOs protect their organizations from phishing and other cyber threats in a holistic fashion?
Tan: XDR’s ability to continuously learn and adapt makes it an indispensable ally for CISOs. Phishing attacks are constantly evolving, and traditional security measures often struggle to keep up. Leveraging XDR solutions can help organizations monitor traffic patterns, detect anomalous behavior, and identify potential threats that may otherwise bypass other security layers.
What also sets XDR apart is its proactive stance – it goes beyond mere detection and response by actively working to prevent incidents before they occur. In the context of phishing scams, XDR immediately quarantines phishing emails, block malicious sites, and isolates compromised endpoints, which not only prevents damage but also saves precious time for security professionals.
What technologies or solutions should CISOs have in their arsenal to combat current cyberthreats?
Tan: The key word here is not solutions – but solution. Our recent Mind of the CISO study found that organizations are working with too many of the wrong solutions, with some reporting using an average of 28 individual security solutions. More than one-third of CISOs (36%) say a top hurdle is having too many pieces of technology without a sole source of truth.
The importance of having the right technology in place is evident, but what many organizations lack is a unified IT security system that leverages XDR and is constantly evolving to protect against the most sophisticated cyber threats.
What are the best practices for individuals and businesses to enhance their online safety?
Tan: Enhancing online safety is not just a good practice – it’s an imperative in our digital age where cyber threats loom large. Singapore, known as the financial hub of the region, saw about 8,500 reports of phishing attempts in 2022, an increase of 175% from the 3,100 attempts reported in 2021 – and this represents just the tip of the iceberg. For individuals, adopting strong password practices and enabling multi-factor authentication are foundational steps that can go a long way in safeguarding personal online accounts. It is also increasingly important to stay informed about the latest cybersecurity threats and exercise caution when dealing with electronic platforms like emails.
For businesses, this is an even bigger issue. Trellix recently determined that 78% of business email compromises involved fake CEO emails using common CEO phrases, asking employees to confirm their direct phone number to execute a voice-phishing scheme. To add to the concern, a striking 82% of these emails are dispatched through free email services, eliminating the need for threat actors to have specialized infrastructure for their campaigns.
In terms of XDR and cybersecurity, what are the trends you see happening in the Asia-Pacific region in the immediate future?
Tan: Cyber criminals’ tactics are becoming increasingly sophisticated across the growing surface of touchpoints, and we have observed a rising trend in loopholes within IT infrastructures and data systems.
Against such complex threats, analysts have forecast that enterprise IT security spending in Singapore will grow at 9.8% CAGR over 2020-2025. While having the right technology in place is important, many companies lack a unified IT security system which continuously evolves to protect against sophisticated cyberthreats. In addition, SecOps teams across the Asia-Pacific region are struggling to cope with siloed, disparate security products.
That being said, despite the growing importance of technology in cybersecurity, the human element remains critical. Amid the ongoing talent crunch, there is a need for an intelligent security platform that can integrate different solutions and simplify processes, helping SecOps teams make smarter decisions more quickly.