Why software alone won’t solve the security crisis


Today, enterprises of all sizes are up against unprecedented security challenges. The growth of remote and hybrid working practices has left IT teams struggling to secure a wider range of endpoints that aren’t always under their direct control. According to figures from YouGov, 37% of UK workers spent some of their week working from home before the COVID-19 pandemic. By September 2021 that had risen to 50%, with 60% saying they would prefer to work remotely at least some of the time.

At the same time, the security landscape grows more threatening, with cyber criminals becoming more sophisticated in how they target their attacks. Last year the UK government’s Cyber Security Breaches survey found that four in ten businesses had experienced a breach or attack in the last 12 months, with that rising to 64% to 65% for medium-sized and larger enterprises. What’s more, the report concluded, a lack of monitoring tools and user monitoring raised the possibility that some attacks were slipping through unrecognised and unreported.

New working practices have opened up new vulnerabilities, and cyber criminals have been quick to exploit them. A 2021 study conducted for HP Wolf Security found that 75% of IT teams surveyed had seen a rise in employees opening phishing links, while 40% of office workers surveyed reported clicking on a malicious email. Almost half (49%) had done so more often since working from home, and 70% of those who had clicked or nearly clicked on a link hadn’t reported it to IT.

To compound the crisis, IT teams have never been under so much pressure. HP’s research shows that the shift to home working has resulted in IT teams spending more time and effort patching endpoint devices, provisioning and securing new devices or triaging threats. The complexity of securing remote and hybrid workforces can be overwhelming. 77% of those HP surveyed said that homeworking was making their job much harder and that burn-out was a serious concern.

In this landscape, traditional software-based endpoint security is no longer up to the task. It can provide a decent base level of resilience but can’t safeguard against the full spectrum of malicious email attachments, file downloads, browser exploits, credential theft and phishing links. Software alone can’t detect attacks below the OS level that are designed to compromise the firmware, or control attacks based on browser-level exploits. Applications designed around recognising malware signatures are powerless to act against script-based fileless threats or zero-day attacks. This is crucial. Google patched 16 different zero-day vulnerabilities, some critical, in its Chrome browser during 2021. That same browser has a 70% market share.

Hardware-based security meets zero trust

Meeting these challenges requires a new approach. To be more specific, businesses need to consolidate their endpoint security and adopt new security principles anchored in a zero-trust approach, where nothing from device integrity to user identity is taken for granted, and constant behind-the-scenes verification becomes the norm. This starts at the hardware level and extends upwards to cover software and services, minimising vulnerabilities across all endpoints to protect the enterprise as a whole.

The key to this approach is that it’s not just about recognising and blocking attacks but isolating and containing threats and providing automated recovery and remediation. For example, malware that attacks the PC’s BIOS can be difficult to detect, highly persistent and challenging to remove, giving the attacker scope to install ransomware, steal data or infect more applications and devices. HP Wolf Security meets these threats through HP Sure Start, a hardware-based technology that detects when the BIOS has been compromised and automatically restores it.

HP’s Endpoint Security Controller, built into HP’s business and enterprise-grade laptops and PCs, also powers HP Sure Run, which prevents crucial security processes from being disabled by a malware attack by monitoring security-critical processes and repairing and restarting them at any sign of failure. The same controller also enables HP Sure Recover, which allows remote workers or IT teams to securely reimage their devices if the OS is critically damaged or compromised. These hardware-level features add layers of protection you could never get from software alone.

The same applies to HP Sure Click Enterprise, which provides hardware-enforced application isolation and containment. HP Sure Click Enterprise runs each task in a non-persistent micro-virtual machine (micro-VM), which isolates and contains attacks, minimising the attack surface for malicious email attachments, phishing links, file downloads, browser exploits and credential theft attempts without bombarding users or IT teams with unnecessary alerts.

As for emerging fileless or zero-day attacks, HP Wolf Security finds the answer in HP Sure Sense: an AI-based threat prediction technology that uses deep learning to recognise the tell-tale signs of malicious behaviour and malware threats. It can then apply that training to identify new threats before they execute and stop them in their tracks. HP Sure Sense doesn’t replace existing tools but augments and improves them, adding an extra layer of endpoint protection to cover their blind spots. What’s more, because it’s AI-based and designed to work autonomously, it doesn’t need constant updates to remain effective.

Adopting this approach will involve a change of mindset, not to mention new investments in hardware and support, but when there’s an endpoint security crisis brewing, standing still is not an option. HP Wolf Security offers a layered solution that can help your organisation boost its resilience to cyber attacks by detecting and protecting against threats, and prepare you for breaches by boosting your recovery capabilities. With the threat of cyber attacks ever growing and changing, these are the tools you need to be ready for them.

