
Why it’s time to implement Extended Detection Response (XDR), by Jonathan Ashley, co-founder of etiCloud

It’s a given that here at etiCloud, like many other Managed Service Providers (MSPs), we’re really good at helping companies to implement a variety of basic-level security measures such as multi-factor authentication (MFA) and inline email security. These security products are managed and monitored to a degree, but they lack the automated analysis needed to keep pace with the increasing level of threats.

As such, we’ve eagerly been awaiting a shift in pricing for the next generation of security products that we know will give our customers an even more robust line of defence against cyber criminals – Extended Detection Response, or XDR for short.

XDR has been on the mainstream corporate radar for the last 18 months. We’ve been keeping a very close eye on its development and uptake and, up until now, it’s been the sole reserve of large, multinational businesses with vast IT budgets.

What is XDR?

XDR first appeared back in 2018 and the term was coined by Nir Zuk, founder and CTO of Palo Alto Networks. XDR is a cybersecurity technology that is specifically designed to monitor and mitigate cyber security threats. It does this by integrating several concepts into one single solution.

It essentially works by gathering and correlating data across a variety of network points including servers, email, cloud workloads and endpoints. The data is analysed and compared to provide visibility and context which then reveals advanced threats which can be prioritised and mitigated to prevent security collapses and data loss. This, in turn, enables a company to create a much higher level of cyber awareness and allows IT teams to identify and eliminate security vulnerabilities.

Why does my firm need XDR?

It’s a good question, especially when other cyber security tools work well, are more than affordable and are easy to implement. Well, I like to use the analogy of home security. Your house has a front door and windows that you close and lock when you go out. You might also have a garden or driveway gate that you can also shut and a burglar alarm that you turn on. But what happens if someone does manage to get into your home?

Having XDR is like having a Security Ops Centre in place for your home security. There is a system that takes photos of the intruders throughout the inside of the building. This same system will inform the police and alarm monitoring personnel, who will be on the scene in a matter of minutes, so any damage or theft is prevented or minimised. They will also make your home secure again after any break-in, so, if you’re away on holiday for example, you don’t have to worry about a repeat attack. Having this system in place in your home would make you feel so much more secure, right? This system – the Security Ops Centre or XDR for your firm – is a group of experts and products, all of which have your back around the clock.

An increasing number of cyber attacks

There are vast numbers of cyber attacks taking place at a low level as you read this post. This unprecedented amount of cyber threat activity is happening behind the scenes and it is being managed very effectively. The activity is increasing daily, so our goal is to look at security products that can help pinpoint which threats are the important ones so they can be addressed and mitigated fast. Please note that this isn’t meant as fearmongering. It is meant to highlight the fact that cyber threats and crime are becoming much more sophisticated so, as we’ve said in many other blog posts, we must constantly strive to improve the level of protection applied.

The next generation of cybersecurity products is utilising AI to collect data on a global scale and analyse this data to spot trends and identify where time and effort should be spent. This dedicated monitoring and management of security takes out all the guesswork and allows us to prevent and learn from cyber attacks. Ultimately it means we’re able to better protect customers and remediate situations immediately, before they become much more difficult to deal with.

“Compliance – Prevention – Detection – Response” (CPDR)

In relation to XDR, we’re adopting the above phraseology here at etiCloud.

Compliance is the foundation and we’re implementing it much earlier in our business process and client solutions. It builds on protocols such as Cyber Essentials and products like email protection and enables us to deliver truly wrap-around Cloud solutions.

Prevention is an area we’ve always been good at, so we’ll keep being good at this, improving and enhancing wherever we can. The same applies to Detection, and XDR is opening up and enabling far more sophisticated systems to detect attacks.

For the most part, Response has been reactionary but, thanks to XDR, it can be instant. We’re now working with several of our clients to ascertain what their response looks like and ensure they have a clearly defined plan for it.

If you’d like to arrange a meeting to discuss the next generation of security products and how best to implement them in your business, please don’t hesitate to contact me on 0333 358 2222 or email: ja@everythingthatis.cloud