Skip to Main Content
 

Major Digest Home Endpoint Management Evolves to Autonomous Security - Major Digest

Endpoint Management Evolves to Autonomous Security

Endpoint Management Evolves to Autonomous Security
Credit: Tom Temin, Federal News Network

Autonomous Endpoint Management Takes Center Stage

The landscape of endpoint management has undergone a significant transformation. As cyber threats escalate, organizations are increasingly turning to automation as a means of tackling the numerous tasks associated with this critical function. The contemporary strategy in this realm is now termed autonomous security and, more broadly, autonomous endpoint management. According to Melissa Bischoping, senior director of security and product design research at Tanium, the only way agencies can hope to stay ahead of these threats is by implementing autonomous security technology. Human analysts will continue to play a vital role in security and management processes, but their role will evolve as they learn to work alongside this new technology. Autonomous endpoint management offers numerous benefits, including enhanced employee well-being. A U.K. study found a link between cardiovascular illness and the stress experienced by security teams following ransomware attacks. Bischoping emphasized that every organization should consider implementing autonomous security not only to preserve their security but also to safeguard their workforce's health.

Understanding Autonomous Security

So, what exactly constitutes autonomous security? This technology stack aggregates data, provides observances and guidance, and performs operations based on procedures or playbooks established by cybersecurity and IT staffs. From a product standpoint, it manifests as intelligent agents. Bischoping noted that Tanium's agent-based product is designed to provide comprehensive data from its vast customer base, enabling insights and informed decision-making. This technology stack takes into account aggregated, anonymized information from Tanium's customers. Real-time data is at the core of what they do, providing insights to combat cyber threats, vulnerabilities introduced by widely used applications, updates, and patches, Bischoping said. Comprehensive endpoint control requires ensuring no assets are hidden.

Visibility: The Foundation for Autonomous Endpoint Management

It's no longer sufficient to conduct periodic inventories or manual asset counts. Instead, organizations require continuously updated visibility if they're to have continuous and autonomous endpoint management. This foundation of visibility is crucial for making informed decisions and ensuring the eradication of threats. Bischoping stressed that visibility must track all updates and patches, incident responses, and policy compliance changes. It should also extend to the operation of the autonomous agents, providing transparency into how and why things happened. This allows organizations to make more informed decisions based on real-time data. Moreover, the definition of an endpoint must broaden to include cloud assets and software as a service subscriptions. These often receive updates without prior notice, and Internet of Things devices like cameras and smart doorbells may also access networks. All these components must be considered from a risk management perspective.

Sources:
Published: