Data privacy is still unfinished business for many companies. With data privacy laws expanding and tightening globally, compliance has become a complicated process that affects all areas of an organization. Gartner predicts that by 2024, 75% of the world's population will have their data covered by some privacy regulation.
The concept of the network perimeter has expanded dramatically in recent years. Many modern organizations operate in a distributed model, with branch locations and endpoints deployed outside of a physical office. But anything connecting to the corporate network is a potential vector for attackers, who can make their way into the network core (and potentially gain access to an organization’s “crown jewels”) by first compromising a branch office or an endpoint.
In a watering hole attack, threat actors usually have to follow a series of steps. First, they need to research the target and make sure they know the type of website the potential victim frequents. Then, they attempt to infect it with malicious code so that when the victim visits it, the website exploits a vulnerability in the browser or convinces them to download a file that compromises the user device.
Every IT environment – whether it’s on-prem or in the cloud, and regardless of how it’s designed or what runs in it – is made up of endpoints. That’s why Endpoint Detection and Response, or EDR, has typically been one of the pillars of cybersecurity. EDR helps businesses monitor each of their endpoints for security risks so that they can detect problems before they escalate to other endpoints.