Written on 27/01/2023

According to the data reflected in the 'Cyberpreparation Report' of the insurer Hiscox, 45% of small and medium-sized companies fail in cybersecurity and are considered cyber newcomers, a percentage that is above the data of European countries such as Germany (34% ), the Netherlands (37%) or France (38%).

All this in a scenario in which the growing scale of cyber attacks and more sophisticated threats have increased, so that small and medium-sized companies must bet on more advanced protection solutions, going from the use of EDR (Endpoint Detection and Response) to XDR (Extended Detection and Response) solutions, improving monitoring, visibility, analysis in all layers of security and response in real-time. In this sense, the GOWtech experts warn that “not all XDRs are the same. In the market, we can find SIEM Platforms relabeled as XDR, completely separate network detection, registry or endpoint solutions bundled as XDR or also a combination of traditional SIEM and SOAR products”.

Isidoro López-Briones Santos, head of digital technology strategies at the technology company adds: "An XDR must be able to cover not only Endpoint and Network, but also other sources of detection and context, a shared detection layer is needed with integrated detections, Given that separate products do not constitute a solution, having the ability to provide an integrated response, both automatic and manual that carries recommendations and an experience for analysts that integrates the different layers so that the analyst's work does not increase proportionally to the information that is collected”.

For all this, GOWtech joins this evolution and will work with XDR tools as part of the cybersecurity solutions it offers to provide greater coverage. "It is vitally important to introduce a solution with XDR, which allows for improved decision-making and reduced response times, something crucial in attacks, given the limitation of analysis and responses to EDR threats." These experts highlight five key aspects for which the XDR solution is specially designed:

  1.  Shared detection layer. The XDR platform must be built on a shared detection layer, which makes it easy to find threats that may arise during the process, allowing analysts to correct the incident as soon as it has been identified.
  2.  Secure the entire “Kill Chain” process. XDR solutions are capable of detecting threats that occur in the public cloud, and even at a higher level such as network attacks, allowing threats to be detected faster and at an early stage than EDR solutions that could only detect cyberattacks in the final stage. Early detection of the problem means much more extensive coverage, a great advantage for security analysts who can identify attacks in the early stages.
  3.  Identification of related incidents. The XDR solution is capable of creating a more accurate view of the threat, allowing the cybersecurity department to react in much less time.
  4.  Greater responsiveness. Greater coverage at any point in the process is required to respond to attacks early in the problem, and the ability to gather more threat information leads to faster response time.
  5.  Take care of the user experience. Beyond the effectiveness in cybersecurity, XDR solutions must also have functionalities that are easy to understand by the user, but in turn, these solutions must delve into details, files or functional systems that allow a complete and explicit analysis of the incident.

“It is already a reality that small and medium-sized companies have realized the importance of investing in cybersecurity and are moving in the direction of implementing XDR solutions and services in their operating systems for fear of suffering threats or cyberattacks in their business operations”, maintains Isidoro López-Briones Santos.

Alvaro is Cyber Security manager for BATSOFTWARE.CO.UK

All news