SMEs are the companies that suffer the most cyber crimes. According to the data reflected ‘Cyber -preparation Report’ of the HISCOX insurer, 45%of small and medium -sized Spanish companies suspend in cybersecurity and are considered as cybernovate, a percentage that is above the data of European countries such as Germany (34%), Netherlands (37%) or France (38%).
All this in a scenario in which the growing scale of cyber attacks and more sophisticated threats have increased, so SMEs must bet on more advanced protection solutions moving from the use of EDR to XDR solutions, improving monitoring, visibility, analysis in all security layers and response in real time. In this sense, Gowtech experts warn that “not all XDR are equal. In the market we can meet always re -rectified platforms such as XDR, completely separated solutions of net detection, records or final points grouped as XDR or also a combination of SIEM traditional and SOAR products.”
SMEs must bet on more advanced protection solutions moving from the use of EDR to XDR solutions
Isidoro López-Brion Santos, responsible for digital technological strategies of the Technology company adds: “An XDR must be able to cover not only Endpoint and Red, but also other sources of detection and context, a layer of shared detection is needed with integrated detections, given that, the separate products do not constitute a solution, to have the ability to give an integrated response, both automatic and manual Layers so that the work of the analyst does not increase proportionally to the information that is collected ”.
For all this, the technological Murcian Gowtech joins this evolution and will work with XDR tools as part of the solutions offered by cybersecurity to provide greater coverage. “It is vital importance to introduce a solution with XDR, which allows to improve decision making and reduce response times, something crucial in attacks, in the face of the limitation of analysis and responses to EDR threats.” These experts highlight five key aspects for which the XDR solution is specially designed:
1. Shared detection layer. The XDR platform must be built on a shared detection layer, which allows to easily find the threats that may arise during the process, allowing analysts to correct the incident at the moment that has been identified.
2. Ensure the entire “Kill Chain” process. XDR solutions are capable of detecting threats that occur in the public cloud, and even at a higher level as an attack on the network, allowing to detect threats more quickly and in the initial stage unlike EDR solutions that could only detect cyber attacks in the final stage. The early detection of the problem is much more extensive coverage, a great advantage for security analysts who identify attacks in the early stages.
3. Identification of related incidents. The XDR solution is able to create a more precise vision of the threat allowing the cybersecurity department to react in much less time.
4. Greater response capacity. Greater coverage at any point in the process is necessary to respond to attacks in the initial phases of the problem and the ability to collect more information about threats, it entails a faster response time.
5. Take care of the user experience. Beyond cybersecurity effectiveness, XDR solutions must also have easy to understand functionalities by the user, but in turn, these solutions must deepen details, files or functional systems that allow a complete and explicit analysis of the incident.
“It is already a reality that SMEs have noticed the importance of investing in cybersecurity and moves in the direction of implanting XDR solutions and services in their operating systems for fear of suffering threats or cyber attacks in their commercial operations,” says Isidoro López-Briones Santos.
