Endpoints are the physical devices that connect to and exchange information with a computer network. Endpoints include mobile devices, desktop computers, and servers. Endpoints offer the cybercriminal a common point of entry into your dealership.
Endpoint Detection and Response (EDR) is a solution that analyzes endpoint data looking for signs of malicious behavior. EDR is a valuable tool, but it has a major flaw – it only analyzes endpoint data and therefore can’t detect malicious behavior outside of an endpoint device. For example, suppose that a cybercriminal infiltrates a dealership’s network via an endpoint device. Since the dealership has an EDR solution deployed it identifies the attack and removes the malware from the endpoint device. However, the crafty attacker was able to move laterally through the network from the endpoint device that was initially penetrated. The criminal can now move through the dealership’s network infrastructure to compromise the dealership’s systems, user credentials, and sensitive data. An EDR solution would miss this lateral move.
Remember, cybercrime is big business. The cybercriminal has access to some of the best technologies and expertise on the planet. They wake up in the morning and go to sleep at night thinking about perfecting their craft. When you implement a cyber defense like EDR, the cybercriminal thinks about how to bypass this – and they evolve. The cybercriminal now knows how to elude and trick today’s EDR solutions. The demise of EDR is an example of how an effective cyber defense is one that is constantly evolving. You will not successfully defend against a cyberattack by simply deploying some technology and then forgetting about it. A successful cyber defense requires ongoing assessment of your defenses and of the evolving threat to then craft the best response.
EDR is out and Extended Detection and Response (XDR) is now in. XDR is a more evolved cybersecurity solution than EDR. XDR extends protection beyond just the endpoint device to include network, cloud, and third-party data. An XDR solution leverages user and entity behavior (UEBA) and artificial intelligence (AI) to build profiles of user and device behavior beyond just the endpoint. It’s this type of visibility across the dealership’s entire technical infrastructure that provides a more effective means of identifying suspicious behavior.
