The work of a large company’s IT security experts consists of safeguarding the network, the business infrastructure and devices, and all the data processed by the company.
For example, if a business has 10,000 employees, each may use a laptop and/or a desktop, as well as a mobile device and will connect to a server. As such, the total number of devices utilized at an enterprise may be enormous. Alternatively, another company may have a small management cadre of 100, and 10,000 employees involved in production, retaining a relatively low number of endpoint devices, but numerous servers, a production line with its own operating system, and a number of Internet of Things (IoT) devices. These may be used to monitor product distribution or production, for example to monitor dairy cows and the tracking of cattle.
In both cases, the devices used are connected to a corporate network, and as such, IT security experts understand that maintaining protection for all of these devices, the corporate network and stored data is very complicated. They also concede that company security is at risk of being breached, either via a mistake, the negligence of an employee, or due to some form of cyber-attack.
Industry consensus shows that it takes about 150-200 days before companies discover that cyberattackers have impacted their businesses in some way. Such a discovery is followed by an investigation into how malicious code entered the company’s network and what damage it has caused. It may be the case that a company never gets answers to these questions.
When less is more
In many cases ESET has encountered companies simultaneously running a large number of agents up to an incredible 15 to 17 on their network and devices in an attempt to achieve maximum coverage. However, the utilization of a large number of agents, often sometimes from different vendors, creates an environment where they do not play well together. This can have a significant negative impact on system performance, security, and the workload of IT staff who are tasked with managing it all.
As a consequence of this complexity, companies have been experiencing increased pressure on their IT security resources, higher costs and increased risk exposure. Under such conditions they (usually) try to evolve towards reducing the number of agents by choosing platforms where multiple agents can be managed from a single dashboard.
To better meet this need ESET has continued to adapt solutions like ESET Remote Administrator, which was originally designed for the remote management of endpoint device security. Increasing market demand for deeper insight and further security capability has helped give rise to a new product: ESET Security Management Center (ESMC). The new name better reflects the actual functionality of the console.
This solution consolidates the management of a number of powerful technologies into a single dashboard that can increase visibility into the state of the system. This includes, cloud sandbox and also covers ESET Endpoint protection platform for endpoint devices with a wide range of detection technologies, from UEFI protection to ransomware shield.
ESMC is able to provide an administrator with a lot of information on the hardware of individual computers, such as device type, manufacturer, model, serial number, processor, RAM, and disc space. It also monitors all installed software and version numbers, providing the companies deploying the solution comprehensive and clear insight into all devices, hardware, software, and potential security incidents.
Research shows that the East Africa is facing a critical shortage of IT specialists. Another standout issue relates to the low proportion of security experts among IT specialists. Kenya is reported to have only 1700 certified cyber security professionals showing a huge skills gap for large businesses requiring these skills. This industry-wide issue can be confirmed by ESET, challenges shared by companies we have business relationships with and as a conclusion of our ongoing market research.
“Finding good IT specialists is difficult enough but finding good security experts is almost like a Sci-Fi Fantasy,” explains Michal Jankech, Chief Product Manager, ESET. Security experts must have very comprehensive knowledge, however, there are too few of them and their numbers may actually decrease further due to a lack of understanding about their importance to core IT practice.
The “neurosurgeons” of IT specialists
Let’s make a comparison to healthcare specialists. Assume an IT specialist is the equivalent of a general practitioner (GP), then a cybersecurity expert represents a neurosurgeon. IT specialists primarily support an organization’s business, but also help protect corporate networks by setting up hardware and checking basic security settings, functions, and automatic alerts. However, there are many situations where a technical or business need arises that may have a security impact that must be assessed by a security expert. These can include: advanced security settings, enabling remote access and management of IT systems, use of collaborative tools, cloud accessibility, use of encryption and or two factor authentication, as well as managing and securing collected data. To address these and other areas, experts need specialized knowledge and tailor fit tools that assist them tin securing the network, and both searching for and detecting suspicious activities and behaviors.
“It is similar to a GP referring a patient to a neurologist, then on to a neurosurgeon, who then examines a CT scan of the brain and decides whether a suspicious object is a blood vessel or may be something worse. Subsequent analyses determine further diagnostic methods to determine whether the object in question is a blood vessel or a tumor,” Jankech says, describing the work of a security expert
Security services outsourcing—a way forward
According to Jankech, one reason for the lack of such a skill set on the labor market may be the fact that globally, education systems have failed to adapt to the wide gap between supply and demand of such specialized skills. In the past, many countries provided top-level education in various engineering disciplines, but now the market needs top-level IT and more specifically IT security education. But there are simply too few schools and not enough training institutions focusing on the education of security experts.
ESET’s response to the situation has been to invest in an extended offer of security products and services for businesses and organizations. These include ESET Security Management Centre and ESET Dynamic Threat Defense.
ESET Security Management Center provides real-time visibility for on-premise and off-premise endpoints as well as full reporting for ESET enterprise-grade solutions from a single pane of glass securely deployed on premise or in cloud.
ESET Dynamic Threat Defense provides another layer of security for ESET products like Mail Security and Endpoint products by utilizing a cloud-based sandboxing technology to detect new, never before seen type of threats.
Security services for specific corporate needs
At ESET, we know that every company and organization is unique. Therefore, our service offers are configured on needs-based analysis and provide recommendations on what is appropriate for the business in terms of its physical capabilities, network topology, etc. This enables us to cover all the needs of large companies across a wide range of industries.