For the past 15 to 20 years, the vast majority of organizations install commercial antivirus software on just about every PC residing on their networks. This resulted in a multi-billion dollar industry dominated by five vendors: Kaspersky Lab, McAfee (Intel Security), Sophos, Symantec, and Trend Micro. AV security efficacy has come into question over the past few years, however, as cyber-criminals and state-sponsored hackers regularly use customized malware and zero-day attacks to circumvent AV and compromise PCs.
Those of us in the cybersecurity community can name-drop dozens of data breaches from the last ten years, but the late 2013 breach at US retailer Target could be considered a game-changer. In addition to the $148 million price tag, the CEO and CIO were both ousted in the wake of the cyber-attack.
In order to accurately assess organizations’ endpoint security technologies, policies, and processes, ESG surveyed 340 IT and information security professionals representing large midmarket (500 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America. All respondents were responsible for evaluating, purchasing, and managing endpoint security technology products and services.
Endpoint security used to be a quasi “set-it-and-forget-it” category at many enterprise organizations. The IT operations team would provision PCs in an approved, secure configuration and then install AV software on each system. Of course there were periodic security updates (vulnerability scans, patches, signature updates, etc.), but the endpoint security foundation was set and dry by then.
Like all other industry analysts, I offered my prognostications for 2015 in my blog way back in 2014. Prediction #1 on my list: Widespread impact from the cybersecurity skills shortage.
As part of its annual IT spending intentions research, ESG asks IT professionals around the world to identify areas where they have a problematic shortage of IT skills. Over the past three years, information security skills topped this list. In 2014, 25% of all surveyed organizations said they had a problematic shortage of infosec skills.
In 2014, SDN gained a lot of momentum and many organizations are already piloting SDN or planning deployment projects for next year. Good news for network security because SDN holds a lot of promise for improving the role of the network with incident prevention, detection, and response.
The website, Urban Dictionary, defines the expression “don’t poke the bear” as follows:
A phrase of warning used to prevent oneself or others from asking or doing something that might provoke a negative response from someone or something else.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188