EXPERT
OPINION
they would never consider at the office,
such as sharing a device with other
family members or using the same
device for both personal and work
activities. Also, the use of Home ISPs
and public Wi-Fi services present an
attack surface that is outside of your IT
or security team’s control.
The biggest financial losses due to
cybercrime occur through Business
Email Compromise (BEC/EAC), where
attackers take over or spoof the account
of a senior manager or executive and
use that account to instruct another
member of staff via email to make a wire
transfer to an overseas account, usually
on the pretext of paying a phony invoice.
With more and more staff members
working remotely, this presents an
opportunity for BEC fraud as the whole
scam relies on communications that are
never confirmed in person.
Phishing campaigns are a threat for
all employees whether they are based
in-house or remote, but for workers
who are not used to working ‘home
alone’ and are now dealing with an
increase in email and other text-based
communications, it can be easier for
them to lose perspective on what is
genuine and what is a scam.
In particular, with a rise in malspam
playing on fears of Coronavirus from
the ‘usual suspects’ like Emotet and
TrickBot, remote workers need to be
extra-vigilant.
Unlike the desktop computers in your
office, which likely never connect to
any other network than the company
intranet, portable devices like laptops and
smartphones used by remote workers can
have a history of network promiscuity.
If such devices are unprotected, you
never really know where they have
been, what they have been connected
to, what peripheral devices have been
plugged into them or what processes
they are running.
What endpoint security
challenges does Digital
Transformation pose?
Digital Transformation means different
things to every company – it can be
hard to pinpoint a definition that applies
to all. However, in general terms, Digital
Transformation is the integration of digital
technology into all areas of a business
resulting in fundamental changes to how
businesses operate and how they deliver
value to customers. Digital Transformation
can mean anything starting from data
storage on the cloud, the connection
of IoT devices to a company network,
migration of documentation and
processes to digital platforms and
virtual access to applications and
services. It means that, no matter what
organisations do today, it is done digitally.
We are more connected to the Internet,
we’re connecting more devices to the
Internet, more data is being stored
and transferred in digital form and
this all means we are subject to more
cyberthreats. The key objective for
cybercriminals is to access and steal our
data and the endpoint (our computers)
is one of the entry points to a wider
network penetration including cloud,
internal and external servers, emails and
everything else that represents monetary
value for them. Increasing connectivity
and digitalisation increase the number
of cyber-risks and endpoint protection
plays an instrumental role in protecting
valuable data and information.
Can you discuss some use cases
for your technology?
Our Autonomous AI Platform defeats
every attack every second of every day.
It is applicable for any organisation
across all sectors and within public or
private domains.
Can you tell us how you
scale your solution to
protect large enterprises?
Our products, solutions and services
are B2B focused and we mainly work
with enterprise clients, as well as public
sector entities. Our solution is scalable
for enterprises of any size and can cater
to as many users as required.
How important is Machine
Learning for endpoint security?
Machine Learning or Artificial Intelligence
(AI) is very important for endpoint
security. If you think about it, a machine
works at machine speed, processing
of data is fast and the decision-making
aspect of it is also fast. When it comes
to next-generation cybersecurity,
traditional on-premise signature database
protection models are ineffective and lack
administrator visibility. Most traditional
and next-gen approaches rely on
scanning files to detect attacks, which
makes them extremely vulnerable to new
attack techniques. The shortcomings of
other products are especially relevant to
today’s live and fileless attacks.
The on-agent AI detection engines allow
SentinelOne to autonomously detect
and respond to malicious behaviour
immediately, offering machine speed
responses such as on-agent remediation
42 Issue 25 | www.intelligentciso.com