Cooperation Key Theme at Microsoft Endpoint Security Summit
Choices in security products, safe deployment practices and long-term security goals were the topics of discussion at Microsoft’s Windows Endpoint Security Ecosystem Summit.
“SentinelOne thanks Microsoft for its leadership in convening the Windows Endpoint Security Ecosystem Summit,” says Ric Smith, Chief Product and Technology Officer, SentinelOne.
With the proliferation of endpoints - laptops, phones, IoT devices - and the more displaced nature of work due to hybrid and remote working, endpoint security has grown in importance.
The tech titan therefore brought together a diverse group of endpoint security vendors and government officials from the US and Europe to build strategies for improving resilience and protecting critical infrastructure, key themes that will shape the future of Windows security.
Aims of Windows Endpoint Security Ecosystem Summit
The event, whilst not a decision-making meeting, was attended by representatives of leading companies in the cybersecurity industry: Broadcom, CrowdStrike, ESET, SentinelOne, Sophos, Trellix, and Trend Micro, in a move that emphasised the importance of transparency and community engagement in the face of evolving cybersecurity challenges.
“We appreciated the opportunity to join these important discussions with Microsoft and industry peers on how best to collaborate in building a more resilient and open Windows endpoint security ecosystem that strengthens security for our mutual customers,” said Drew Bagley, VP & Counsel, Privacy and Cyber Policy at CrowdStrike.
The recent CrowdStrike incident in July served as a stark reminder of the responsibility security vendors bear in driving both resilience and adaptive protection.
A primary takeaway from the summit was the consensus that both endpoint security vendors and customers benefit from having options for Windows and choices in security products.
Given the vast array of endpoint products available in the market, participants acknowledged a shared responsibility to enhance resilience through open information sharing about product functionality, update processes, and disruption management.
“As a long-time Microsoft Virus Initiative (MVI) Partner, Broadcom recognises that working closely with Microsoft and other security vendors not only helps improve our customers’ security posture, including endpoint protection, but also the greater global digital ecosystem,” explains Adam Bromwich, CTO and Head of R&D, Enterprise Security Group at Broadcom.
In the near term, a significant focus was placed on Safe Deployment Practices (SDP), with Microsoft detailing its approach and participants exploring the creation of shared best practices.
This collaborative effort aims to address common challenges in safely rolling out updates to the diverse Windows ecosystem, including strategies for measured rollouts and the ability to pause or rollback updates when necessary.
Additional short-term enhancements discussed included increased testing of critical components, improved joint compatibility testing across diverse configurations, better information sharing on product health, and enhanced incident response effectiveness through tighter coordination and recovery procedures.
The future of endpoint security
Looking to the future, the summit explored longer-term steps to serve resilience and security goals.
“The summit was an important and encouraging first step in a journey that will produce incremental improvement over time,” explained Joe Levy, CEO at Sophos.
Microsoft plans to introduce new platform capabilities in Windows, building upon the security investments made in Windows 11.
These capabilities aim to provide more security options to solution providers outside of kernel mode, responding to calls from both customers and ecosystem partners.
Key areas of discussion for this new platform included performance needs outside of kernel mode, anti-tampering protection for security products, security sensor requirements, and secure-by-design goals for future platforms.
Microsoft has committed to continuing the design and development of these new platform capabilities in collaboration with ecosystem partners, aiming to enhance reliability without compromising security.
The summit also highlighted practical steps that customers can take to increase resilience in their current deployments. These vendor-neutral recommendations include implementing robust business continuity planning, developing a comprehensive major incident response plan, and regularly backing up data securely.
The Windows Endpoint Security Ecosystem Summit marks a significant step towards a more collaborative and resilient approach to Windows security. The emphasis on transparency, shared best practices, and ongoing collaboration sets a positive tone for the industry's collective efforts to stay ahead of adversaries and protect critical infrastructure.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand