If there is one thing that the Internet excels at, it is putting any information – old and new – literally at your fingertips. Conversely, one of the things it does a terrible job at is qualifying that information, to the point where it becomes increasingly difficult to weed out the good from the bad. If you use technology as part of your work, you must continue to fight valiantly to stay internet- and tech-savvy just to keep yourself safe. Unfortunately for you, technology security is evolving so quickly that even we experts are struggling to keep everyone as savvy as they need to be in 2023. I could bore you to tears with the constant cavalcade of new technology pouring into business these days, but my job is to point out what’s important, and right now, security continues to be priority one.
You should know these new terms. Study like there will be a test on Friday!
Endpoint Detection & Response (EDR) is what the security industry is calling the next-generation (really, this-generation) malware protection you might have known as “antivirus” back in the late 2000s and 2010s. Today’s cyberthreats bear very little resemblance to the viruses we feared in the previous decades, and as such EDR platforms are built not only to detect known viruses, but also to monitor suspicious behaviors and information patterns, using constantly updated algorithms to spot possibly undocumented but malicious activity. Where the previous-generation antivirus may have scanned your computer once a day and quarantined the files it could identify, EDR platforms are built to monitor all activity constantly and act immediately, up to locking down the affected PC and sending out warning flags to security personnel.
Zero-Trust Networking is a relatively new security concept that upends the traditional assumption that the devices on your office network should be, by default, allowed access to that network because those computers are “inside the firewall.” Zero-trust security basically states that all devices must constantly prove they are safe and legitimate before they are granted access to any protected information or services. The moment they aren’t able to do so (perhaps because of a malware infection, installation of unauthorized software, or failed password attempts), zero-trust systems may restrict access to various systems or applications, the internet, or even the device itself.
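A minimal sketch of the per-request decision described above, as an added example rather than code from this article or from any zero-trust product. The signal names, the approved-software list, the failed-password threshold, and the mapping of each signal to a restriction tier are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum

class Restriction(IntEnum):
    NONE = 0            # full access
    PROTECTED_APPS = 1  # cut off from protected systems and applications
    INTERNET = 2        # additionally cut off from the internet
    DEVICE = 3          # the device itself is locked

# Assumed policy values, constructed for this example.
APPROVED_SOFTWARE = frozenset({"browser", "office-suite", "edr-agent"})
MAX_FAILED_PASSWORDS = 5

@dataclass(frozen=True)
class Posture:
    """Signals a device presents with a request (hypothetical schema)."""
    inside_firewall: bool
    malware_detected: bool = False
    installed_software: frozenset = frozenset()
    failed_passwords: int = 0

def evaluate(p: Posture) -> Restriction:
    """Decide the restriction for ONE request; run again on every request."""
    # p.inside_firewall is deliberately ignored: location earns no trust.
    level = Restriction.NONE
    if p.installed_software - APPROVED_SOFTWARE:    # unauthorized software
        level = max(level, Restriction.PROTECTED_APPS)
    if p.failed_passwords >= MAX_FAILED_PASSWORDS:  # failed password attempts
        level = max(level, Restriction.INTERNET)
    if p.malware_detected:                          # malware infection
        level = max(level, Restriction.DEVICE)
    return level

def may_access(p: Posture, resource: str) -> bool:
    """True if the current restriction level still permits `resource`."""
    blocked_at = {"protected_app": Restriction.PROTECTED_APPS,
                  "internet": Restriction.INTERNET,
                  "device": Restriction.DEVICE}
    return evaluate(p) < blocked_at[resource]

if __name__ == "__main__":
    # Constructed sample: the same laptop at three points in time.
    laptop = Posture(inside_firewall=True, installed_software=frozenset({"browser"}))
    print(evaluate(laptop).name)
    laptop = Posture(inside_firewall=True,
                     installed_software=frozenset({"browser", "unapproved-tool"}))
    print(evaluate(laptop).name, may_access(laptop, "protected_app"))
    laptop = Posture(inside_firewall=True, malware_detected=True)
    print(evaluate(laptop).name, may_access(laptop, "device"))
```

Because the decision is recomputed for each request, a laptop that was trusted a minute ago loses access as soon as its reported posture changes, whether or not it sits inside the firewall.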
Security Information and Event Management (SIEM) is a security service that insurance companies are increasingly looking for when underwriting clients. Though the name seems to imply otherwise, this is not about throwing a party for security. Instead, it is a platform that gathers the large amount of data that your various technologies and services generate as you and your organization use them, and aggregates that data into a massive, searchable database. That database is then scanned by even more algorithms and humans to spot unusual events, security breaches and other items of interest before they have time to turn into front-page news and business-destroying events.