While IT teams today have a ‘hero’ status, they have to work with shrinking budgets to keep their organizations protected and resilient…
Amid the raging pandemic and proliferation of hybrid work arrangements, IT teams are stretched with threat detection duties that have increased in complexity and workload. Despite playing a key role in keeping the lights on since 2020, IT teams now have the added challenge of having to protect their organizations’ infrastructure with shrinking budgets, as well as dealing with threats that have arisen because of remote working and become harder to detect, such as increased usage of apps that could leak data and endpoint devices that are not secured. As a result, IT teams are forced to work longer hours, compromising their work quality and possibly the security of their organizations.
What must IT teams do to balance the top priority of ensuring holistic end-to-end cybersecurity with the constraints of cost, overstretched staff, and employees who are inadequately equipped with cyber knowledge and awareness?
CybersecAsia speaks to Koh Kong Meng, Head of Personal Systems, Greater Asia, HP Inc, on HP Wolf Security, the company’s solution to help companies reduce addressable attack surfaces and enable remote recovery from firmware attacks. We also picked his brains on how IT teams can deal with the enlarged attack surfaces due to increasing Work-From-Home arrangements and the pressing need to modernize cybersecurity using telemetry, cloud-based intelligence and always-on threat analysis.
CybersecAsia: Using telemetry, cloud-based intelligence information and AI/ML will ease the workload in hybrid work environments, but will complexity also be reduced by HP Wolf Security?
Koh Kong Meng (KM): HP Wolf Security enhances layered security defences and enables seamless integrations with the wider security stack, by combining hardware-enforced software and security features with industry-leading endpoint security services. This reduces the complexity of security management as a result.
HP Wolf Security uses cloud-based intelligence and data gathered via endpoints to enhance threat data collection, while gaining a more rounded view of your business’ security posture by automating alerts from your IoT print devices into your Security Information and Event Management (SIEM) system.
CybersecAsia: With zero trust, there is often the issue of compromised user experience due to the extra steps and administrative processes involved when workers need to get things done fast. How does HP Wolf Security mitigate the processes?
KM: Hardware-enforced technologies like threat containment and isolation, following Zero Trust principles, are transparent to the end-user. This means that they can click on email attachments and download files as they normally would but are safe in the knowledge that if anything is malicious, it is rendered harmless.
Organizations should be aiming for defence-in-depth at the endpoint, from self-healing firmware capabilities to machine-learning-powered anti-malware solutions that are better able to spot new malware variants. This also includes hardware-powered micro-virtualization, which can isolate and contain threats delivered by email, browser-scrolling and downloads, while being transparent to the end-user.
HP Wolf Security is designed and structured to transform experiences in the new normal and beyond – users can go about their work uninterrupted because it does not require users to change their behaviour.
CybersecAsia: With the rise of cyberattacks leveraging weak third-party cyber-defences and also poisoning of software patches, how does HP Wolf Security ensure that the lights are kept on?
KM: Zero Trust principles are needed to stay ahead of modern-day threats. This will make endpoints more resilient, so it is easier to reimage and recover in the event of a destructive attack, as well as to monitor and restart security processes if an attacker tries to disable them.
The next-generation cyber protection extends up to micro-virtualization, where any risky action like clicking on a link or opening an unsolicited email can be executed in a sealed environment running on its own virtualized hardware.
If something bad happens and somehow the endpoint is compromised, the attackers are trapped inside a Virtual Machine (VM) which can then simply be deleted. This means that decisions are made on a case-by-case basis for every service – after verifying a set of controls that might include the user, the device, and its security posture. Also, this helps to contain failure—meaning a compromise of a less important service does not necessarily lead to a major breach.
Furthermore, Zero Trust principles can be extended into the endpoint itself, including device firmware, operating systems, and individual applications. From self-healing firmware and in-memory breach detection to threat containment via isolation, HP Wolf Security reduces the addressable attack surface and enables remote recovery from firmware attacks and unknown threats.
Overall, users benefit from robust, built-in protection from the BIOS to the browser, and cloud-based intelligence enhances threat data collection. The result: turning a traditional weakness—the endpoint—into an intelligence gathering strength.
CybersecAsia: How exactly does HP Wolf Security protect SMBs without ‘breaking the bank’? What are the competitive offerings out there in APAC and what makes HP Wolf Security stand out?
KM: Instead of costly upfront IT purchases at HP, we provide subscription-based solutions that give SMBs the flexibility and bandwidth to invest in digitalizing their business and building new products and services for their customers and employees.
Where cashflow is tight and manpower is lean in SMBs, employees assume multiple roles. Monitoring threats round-the-clock can be time consuming, labour intensive and ineffective. As SMBs grapple with new challenges derived from hybrid work environments, they must ensure employees are equipped with the technology they need to be productive and protected from cyber threats.
To overcome these constraints, HP Wolf Pro Security integrates software capabilities with HP’s hardware security capabilities to deliver superior protection that is simple for IT to acquire, deploy and operate.
- Threat Containment raises the bar in endpoint protection by providing protection that doesn’t rely on detection. Hardware-powered micro-virtualization performs full isolation of threats delivered via all the most common threat vectors, without impacting user experience.
- Malware Prevention is a complete Next-Gen AV that uses a combination of AI-based techniques, like deep learning, and behavioral analysis to provide advanced malware protection through predictive detection.
- Identity Protection provides defense against credential phishing attacks for all popular browsers.
- Integrated with HP’s built-in hardware security capabilities such as Application Persistence, OS Resiliency and Physical Tamper Protection.
CybersecAsia: In the event of some novel way that bypasses HP Wolf Security through an unanticipated social media or hardware pathway, what other failsafe features are built into the system to contain the problems?
KM: New to HP Wolf Enterprise Security is Sure Access Enterprise, which applies HP’s unique isolation technology to ensure critical applications are completely safeguarded from any malware lurking on a user’s PC.
HP Sure Access creates hardware-enforced micro-VMs that can protect key applications, forming a virtual air gap between the application and the host PC. The application and data are securely isolated from the host OS, and any malicious actors that may have breached it.
HP Wolf Security is secure by design and intelligent enough to not simply detect threats, but to contain and mitigate their impact, helping individual devices and whole organizations recover quickly in the event of a breach.