What Makes a PC an Easy Target for Cyberattacks

We know endpoint devices are a major gateway for breaches. But did you know cyber criminals can make dozens of attempts to breach a single device throughout its lifetime? Tools on the dark web and artificial intelligence (AI) are helping attackers scale, putting your fleet at greater risk. Suffice it to say, if there's a crack in your enterprise security armor, attackers will find it.

In a previous post, we talked about establishing device trust by working with secure suppliers. Now, let's talk about what it takes to maintain device trust while a PC is in use. (Spoiler alert: They're connected.)

A Fleet is Only as Secure as its Individual PCs

A security breach is difficult in its own right. But not knowing you've been breached can be even worse. When an attacker is undetected, it means they have more time to access greater privilege across the network to find and exfiltrate sensitive data. According to CrowdStrike's latest Global Threat Report, the average eCrime breakout time decreased from 84 minutes in 2022 to 62 minutes in 2023. The fastest observed breakout time was only two minutes and seven seconds!

Here's what can make a PC an easy and appealing target for attackers:

• Lack of visibility. Organizations invested heavily to secure the operating system (OS) layer in recent years, implementing solutions like SIEM, next-generation antivirus (NGAV) and endpoint detection and response (EDR). As a result, attackers had to turn to softer, less visible targets below the OS, like BIOS and firmware. These attacks are hard to see-executed at a part of the device that's traditionally lacked visibility and observability-therefore increasing the chances of a successful breach.
• Lack of actionability. Often, organizations have dozens of tools in place that operate in siloes. Even if an attack is detected, swift response and remediation can be a major challenge…not to mention a great deal of manual effort to get solutions to work together. Compounded over a fleet of devices, acting on every alert-and doing it quickly-is impossible for IT and security teams that are stretched thin.

A Secure PC Can Be a Powerful Asset in Combatting Cyber Adversaries

As one of the largest global technology and infrastructure providers, Dell thinks about security a lot. That's why we build our commercial PCs to prioritize visibility and actionability right out of the gate. Doing so puts power in the hands of IT and security operations and helps support a Zero Trust strategy. Having more data leads to informed decision-making, helping to catch even the sneakiest emerging threats. Automation enables speedier resolution of potential issues. But how does that manifest at the device level?

Get visibility into the device with built-in defenses and telemetry. Prevention is important, but for a PC to support Zero Trust principles, it must offer detection and response as well. That means spotting changes on a given device. Dell BIOS and firmware verification enables admins to validate device and component integrity at-will, using golden copies stored off-host in a secure cloud. Indicators of Attack (IOA) tracks behavior-based threats, e.g., a BIOS downgrade or chassis intrusion. BIOS Image Capture enables forensic analysis of a corrupted BIOS. These features together provide multiple layers of visibility at the deepest levels of the device.

Each of these security features generates data. For instance, a device may be running an older version of BIOS. Another example could be the chassis was opened on a device. Admins must be able to view this telemetry. That's where the Dell Trusted Device Application (DTD App) comes in. The DTD App bubbles these "below-the-OS" security alerts-or telemetry-up to the OS layer for investigation and response.

These built-in capabilities help Dell deliver the world's most secure commercial PCs.¹ And while all PC manufacturers claim some version of "most secure," Dell is the only one to have earned third-party validation. According to Principled Technologies, Dell is the leader in built-in PC security.

Read the Principled Technologies report to learn what makes Dell the world's most secure commercial PC.

Spring into action. What's visibility if you can't do anything with it? That's why Dell builds PCs with both security and manageability in mind. With the visibility we provide at the device level, both security and IT operations can act faster and more effectively.

• Benefits for SecOps. The DTD App delivers telemetry from built-in security features, enabling "hardware-assisted" security with partners (e.g., CrowdStrike and Intel). Enhance threat detection and response with a steady stream of device-level telemetry. Not only does this strengthen security posture, but organizations also maximize their security investments with hardware and software working together.
• Benefits for ITOps. With the integration of Dell telemetry, admins can apply policies within Microsoft Intune to quarantine an infected device, patch it and/or make changes to its access rights for improved security and compliance. Intel vPro out-of-band management capabilities allow remote management and wipe of devices as needed to ensure fleet and data security.

Built-in Security is Imperative For Cyber Survival

When security is an afterthought and added on after a system is manufactured, it is more difficult to protect and manage, requiring more patches to apply security retroactively in response to new threats. Adding security during product design and development helps protect organizations out-of-the-box. While software certainly has an important role in the ecosystem, it cannot take the place of foundational built-in security. Taking it a step further, when you feed device-level telemetry to your software, you improve threat detection and response. More data = smarter actions.

No other entity is better equipped to secure a PC at the device level than its manufacturer. That's why Dell works tirelessly to build security into PCs, designing them with the adversary in mind. Our goal is to make them more resilient to cyberattacks to keep customers secure in an evolving threat landscape where 100% prevention isn't possible. To learn more about what makes Dell the world's most secure commercial PCs, watch this ISMG interview. If you have any questions, reach out to your rep or contact one of our security specialists.

¹ Based on Dell internal analysis, September 2023. Applicable to PCs on Intel processors. Not all features available with all PCs. Additional purchase required for some features.
* A comparison of security features, Principled Technologies, April 2024. Scope of the study: Dell commissioned Principled Technologies to evaluate Dell, HP and Lenovo security across 10 features.

Public link

Please use the above public link if you want to share this noodl on another website.