Your no-nonsense guide to cyber security: EPP, EDR and MDR, explained

For more than a decade, good-quality anti-virus, anti-malware, patching and firewall software has been the mainstay of cyber defence for small businesses. By focusing on desktop and laptop computers (aka ‘endpoints’ – hence the moniker ‘EPP’ for ‘endpoint protection’), this approach gave a sufficient level of protection against current threats, relying on the software providers to react to how the cyber security world was evolving.

Endpoint protection is still very much a requirement – but in response to increasingly sophisticated threats from bad actors, it’s time to collectively up our game.

Time to bring in: DNS filtering (anti-phishing) and ransomware protection

By adding DNS filtering and ransomware protection, we get a grouping of software called endpoint detection and remediation (or ‘EDR’). SMEs are far and away the most likely target for phishing attacks; in fact, it’s thought that one in every 323 emails sent to a small business is a phishing attempt.

Despite the added protection, this cyber security stack still has some sizeable holes: not least protection against the installation of unauthorised software, or the existential threat from malicious scripts that use the programs built into a computer’s operating system.

Time to bring in: Application control and privileged rights control

Combined, this forms what’s known as extended EDR – or ‘XDR’ for short. By tightly controlling who has access to what data based on the principle of least access necessary to perform a job role, we ensure greater security as well as reducing bloat and increasing the stability of systems. Privileges can be dynamically applied; you can grant extra rights to a member of your team if they make a request to download approved software, for example, in a way that’s completely seamless to the end user.

Time to bring in: AI

Bad actors are already using AI to boost their attack capability and capacity, enabling them to launch tactics at scale. It’s time to start fighting fire with fire. The more sophisticated cyber defences on the market now include AI-powered tools to combat this escalating threat – the ideal final addition to our cyber security stack.

It’s worth saying that AI’s capabilities are seriously impaired if the other cyber security tools you’re using are from different providers, because those tools are limited in how easily they can pass information along the chain. AI, whatever its use case, is always only as good as the data that feeds it. The same goes for AI in cyber security. IT providers and customers alike are now trying to find ways to consolidate their cyber security vendor relationships to improve how AI can be used.

The ultimate solution is to have a single vendor for all your cyber security tools, turbocharged by effective AI. That’s why we’re doing two things for Neos-IT customers:

  1. We’re increasing the amount of cyber security protection so everyone is on XDR. As threat levels only grow, this level of defence is, we believe, essential to doing business today. It protects our customers and allows us to work as fast as possible when threats are detected.
  2. We’re switching our cyber security tools to a single, best-in-class provider. This allows AI to take a bigger picture view of what’s happening across different lines of defence, as well as providing what we think is the right level of protection at a reasonable cost to our customers.

Take it to the next level: a Security Operations Centre (SOC)

The threat from bad actors never sleeps. AI-powered XDR will detect the latest threats as and when they happen but, to respond as fast as possible, we also recommend a round-the-clock Security Operations Centre. When an incident happens, it can require an expert level of tech resource at a high scale – which is often a limiting factor for both IT departments and Managed Service Providers.

By outsourcing the management, control and response elements to a SOC, you gain the expertise and capacity to deal with incident response at speed and scale. This is known as M-XDR: the gold standard of cyber security defence for SMEs.

Because we believe that this is the right decision for most of our customers, we’re offering the SOC portion of our recommended cyber security stack at cost price. We’ll shortly be writing to all our customers with a breakdown of the costs, aligned to their existing cyber security arrangements and needs – if you haven’t heard from us already.

Even more: governance, compliance and reporting

As well as the all-important functional elements of your cyber security stack, Neos-IT has the expertise and experience to provide board-level support to customers on governance, regulatory and standards compliance, and reporting. To be truly effective, protections, controls and response protocols require management through compliance, audit and reporting functions. We can perform this vital role as trusted partners to our customers – there not only in a crisis, but to manage the entire process.

To the industry, we say: cyber security for SMEs has evolved. Don’t leave your customers exposed. It’s time we all took responsibility for raising the standards of protection on offer to SMEs, while being mindful of cost and their specific needs. Doing nothing simply isn’t good enough.

Whether or not you’re a current Neos-IT customer, we’d love to talk to you about your cyber security defences – drop us a line or give us a call on 020 7488 6150.