Your daily driver account should not be local admin.
Yes, we need MS Defender/S1/Crowdstrike for EDR, DNS blocking and Mandatory updates etc for security which now is actual money with cyberinsurance that won't pay unless we fulfil certain criteria. This all requires computers to be managed by an MDM.
Take it up with teh bossman.