MOTEX We asked 1,000 people about emotional systems! Announcing the 2024 edition of “EDR & MDR Usage Survey ”

[MOTEX] We asked 1,000 people about the information system! Announcing the 2024 edition of “EDR & MDR Usage Survey” ​
MOTEX Press release: September 26, 2024 We asked 1,000 people about emotional systems! Announcing the 2024 edition of “EDR & MDR Usage Survey” ~ About 80% of companies answered that they use EDR! While EDR has become widespread, operational issues have also emerged…
https://prcdn.freetls.fastly.net/release_image/10736/196/10736-196-861ec8ab8aae58d36c5b9c69d4303ad2-900×507.png

MOTEX Co., Ltd. (Headquarters: Yodogawa-ku, Osaka, President and CEO: Yoshiro Miyazaki, hereinafter referred to as MOTEX) provides information systems staff at companies with 300 to 5,000 employees with access to EDR and MDR. We will publish a report investigating the actual situation. ​ Click here to download the document (free) ​ “EDR & MDR Usage Survey” 2024 Edition ■Investigation background In recent years, many companies and organizations may be considering introducing EDR (Endpoint Detection and Response) products as a countermeasure against the rampant malware. EDR is a security solution that detects abnormalities and suspicious behavior in the status and communication content of terminals (endpoints) such as PCs, smartphones, and tablets used by users, and supports prompt responses. After detection, by isolating the infected terminal and investigating and analyzing the cause, there are benefits such as preventing the spread of damage and enabling early recovery from security incidents. Additionally, since human resources are required to operate EDR, MDR (Managed Detection and Response), an EDR operation service, has recently been attracting attention. MDR has extensive support such as expert monitoring 24 hours a day, 365 days a year, and follow-up on EDR settings and operation methods, making it an effective service if you have concerns about in-house EDR operation. The reason why EDR and MDR are attracting attention is that existing antivirus products are unable to completely prevent cyber-attacks, which are becoming more sophisticated and intensified. For this reason, companies and organizations are required to take security measures that anticipate in advance the possibility of internal intrusion caused by an attack and quickly respond to the problem. So, as EDR and MDR are becoming more and more popular, what do the users who actually use the products and services find attractive? Or what kind of issues are you facing? This time, MOTEX conducted an “EDR & MDR usage survey” targeting information system personnel at companies with a size of 300 to 5,000 people. ■Overview of “EDR & MDR Usage Survey” Click here to download the document (free) ​ “EDR & MDR Usage Survey” 2024 Edition ​ [Survey details] ・Please tell us the number of PCs you manage. ・Have you introduced EDR? ・Please tell us why you introduced EDR. ・Please tell us about any problems you have with EDR operation. ・Please tell us what was good about introducing EDR. ・Please tell us what you would like to see improved in EDR. ・Have you ever been infected with malware after installing EDR? ・Please tell us how often malware infections are detected by EDR. ・Do you operate EDR in-house or use MDR (EDR operation agency)? ・Please tell us what was good about implementing MDR. ・Please tell us what you would like to see improved about MDR. ・Will you continue to use EDR in the future? ・If you are unsure about continuing, please tell us the reason. -In recent years, an increasing number of users are introducing NDR (*) in addition to EDR. Has your company introduced NDR? ・Please let us know if there are any other security products or services you would like to consider in the future other than EDR. *NDR (Network Detection and Response): A solution for monitoring communication within a network, detecting abnormal movements, and taking action, analysis, and investigation. [Investigation method] ・Survey period: July 26, 2024 (Friday) to July 28, 2024 (Sunday) ・Research method: Internet survey ・Number of people surveyed: 1,006 people ・Survey target: Information system personnel who belong to companies with 300 to 5,000 employees ・Monitor provider: PRIZMA Research ・Research agency: Link and Partners Co., Ltd. ■TOPICS 1: EDR implementation status ~ About 80% of companies answered that they have introduced EDR ~ First, we asked about the number of PCs managed by companies and organizations and the status of EDR implementation.
https://prcdn.freetls.fastly.net/release_image/10736/196/10736-196-59b820899b2126aec8adfe732e51b116-900×415.png When asked, “Please tell me the number of PCs you manage,” most people answered “501 to 1,000 (30.5%),” followed by “1 to 500 (25.9%),” and “1,001 to 1,000.” The result was 2,000 units (25.3%). When asked, “Have you introduced EDR?”, approximately 80% (77.1%) answered, “I have (or have used it in the past).” In this survey, we also made a comparison with the “EDR Survey” conducted in 2022, and found that the number of companies that have introduced EDR has increased by 25%, and that EDR is becoming popular as a means of malware prevention. I did. This shows that the importance of cybersecurity is widely recognized and companies and organizations are taking more advanced security measures. *Click here for the previous “EDR survey” conducted in 2022 (announced in February 2023)
https://www.motex.co.jp/news/news_topics/2023/release220216/ ■TOPICS 2: Reasons for introducing EDR ~ High detection rate is the deciding factor for introduction ~ Next, we asked those who selected “I have introduced EDR (or have used it in the past)” about their reasons for introducing EDR and the challenges they faced in its operation. Image
URL: https://prcdn.freetls.fastly.net/release_image/10736/196/10736-196-819d426935ffc274801e6e881f4440b5-900×371.png When asked, “Please tell me why you introduced EDR (multiple answers allowed),” most people answered “High detection rate (approximately 400 people),” followed by “Fewer false positives (approximately 330 people).” )” and “Easy to install and operate (approximately 300 people).” More than half of the respondents cited “high detection rate” as the reason for introducing the software, and many also cited “few false positives,” indicating that companies and organizations place importance on the ability to quickly and accurately detect malware. That seems to be the case. On the other hand, in response to the question, “Please tell me what problems you have with EDR operation (multiple answers allowed),” the most common answer was “I don’t know how to set up EDR (approximately 290 people),” followed by The result was that there were many false positives (approximately 270 people). While “few false positives” are emphasized as a reason for introducing EDR, the reason behind the fact that “many false positives” are cited as an operational issue is that even if EDR is introduced, it is difficult to set it up to suit the company. This can be difficult and incorrect settings can lead to false positives. It was suggested that it is important to select a product that is easy to operate and suits the company/organization, and to check in advance whether operational support is available. ■TOPICS 3: Implementation status of MDR (EDR operation agency) ~ About 20% of companies use MDR (EDR operation agency) ~ In addition, this survey also investigated the usage status of “MDR”, an EDR operation agency service. When asked, “Do you operate EDR yourself or use an MDR (EDR management agency)?”, approximately 20% (23.8%) answered, “Do you use MDR (or do you use an EDR management agency)?” “I was using it)” was the answer.
https://prcdn.freetls.fastly.net/release_image/10736/196/10736-196-6195fc5bf40d6baa471e13a597f3d461-900×394.png When we asked people who use (or have used) MDR services, “Please tell us what was good about implementing MDR (multiple answers allowed)”, we received “24/7 threat monitoring”. The most common answer was “It will do it for me (about 100 people)”, followed by “It will notify me of an alert (when detected)” (about 80 people). It can be seen that MDR, an EDR operation agency service, is being evaluated to compensate for the lack of resources within companies and organizations. On the other hand, the survey also raised issues regarding MDR. ■ Summary “EDR” has recently become popular as a security product that anticipates internal intrusions in advance and quickly responds to the problem, and “EDR” is an operation agency service that solves resource shortages in companies and organizations. MDR”. The full survey report is a compilation of survey results that can help you understand the benefits and challenges of introducing EDR and MDR from the answers of users who actually use EDR and MDR. We also explain the selection points and pros and cons of implementing EDR/MDR. We hope that the results of this survey will be useful in helping you build a better security system. Click here to download the document (free) ​ “EDR & MDR Usage Survey” 2024 Edition ■About MOTEX (Research source) MOTEX is a “comprehensive security company” whose mission is “Secure Productivity” and helps customers solve cybersecurity issues by providing products and services. We use the technology and extensive knowledge we have cultivated over the years to provide world-class products and services that achieve both safety and productivity and allow our customers to use endpoints, networks, and IT services with peace of mind. . The cybersecurity brand “LANSCOPE” provided by MOTEX offers a wide range of products and services, from endpoint IT asset management, information leakage prevention, and virus protection to security diagnosis and security solutions for networks and cloud environments, and comprehensive consulting. We have it in stock. AI Antivirus/EDR “LANSCOPE Cyber ​​Protection” provides EPP (Endpoint Protection Platform), EDR, and MDR as a countermeasure against external threats, and proposes products and services tailored to the customer’s usage and environment. ■ About “LANSCOPE Cyber ​​Protection”
https://prcdn.freetls.fastly.net/release_image/10736/196/10736-196-89c834ecfe8d148c78146d41671f144f-2080×705.png “LANSCOPE Cyber ​​Protection” is an antivirus that utilizes AI to protect devices from known malware as well as unknown and variant malware. We provide high-performance AI antivirus “CylancePROTECT” and “Deep Instinct” as managed services of MOTEX, and customers can choose between these two types of antivirus software (antivirus) according to their environment and usage.
https://prcdn.freetls.fastly.net/release_image/10736/196/10736-196-65ee4f2e7ee6cf3a3df7b7e07c7a46dd-900×409.png ◎ Click here for details on “CylancePROTECT”, which has many implementation records and can be used with EDR
https://www.lanscope.jp/cyber-protection/cylance/cylanceprotect/ ◎ Click here for details on “Deep Instinct” which is compatible with a wide range of OS and file types
https://www.lanscope.jp/cyber-protection/deepinstinct/ In addition, regarding “Cylance”, we provide “CylanceMDR”, an MDR service that is monitored 24 hours a day, 365 days a year by security experts. By providing all-in-one services ranging from advance prevention of malware to support, monitoring, and analysis by security experts, we support businesses and organizations in implementing external threat countermeasures. ◎ Click here for details on “CylanceMDR,” an MDR service monitored 24 hours a day, 365 days a year by world-class experts https://www.lanscope.jp/cyber-protection/cylance/cylancemdr/ ■ MOTEX company profile Company name MOTEX Co., Ltd. Location MOTEX Shin-Osaka Building, 5-12-12 Nishinakajima, Yodogawa-ku, Osaka 532-0011 Representative Representative Director and President Yoshiro Miyazaki Business details Cyber ​​security product development and service business Capital 20 million yen Shareholders Kyocera Communication Systems Co., Ltd. (capital ratio: 100%) URL
https://www.motex.co.jp/ -The company names, product names, and service names listed are trademarks or registered trademarks of each company. ・The contents listed are as of the date of announcement. Please note that the information may differ from the latest
information. Please contact us from the “LANSCOPE Cyber ​​Protection” service site. ▶ Service site https://www.lanscope.jp/cyber-protection/