Endpoint Security Needs “Efficient Efficacy”

As we ease into 2018, endpoint security technology is in play. Next-generation players like Barkly, Cylance, and SentinelOne offer products based upon machine learning algorithms to block traditional and new types of threats. EDR experts like Carbon Black, CrowdStrike, and Cybereason monitor PC behavior looking for anomalous activity. Meanwhile, traditional vendors like McAfee, Sophos, Symantec, Trend Micro, and Webroot are buying companies and adding new functionality to their products to provide a one-stop endpoint security shop.

Yup, everyone is intent on providing the whole endpoint security enchilada, and based upon ESG research, large organizations are also moving in this direction—87% of enterprises believe they will buy a comprehensive endpoint security suite to address new requirements.

Beyond the move to suites, what are organizations really looking for with new types of endpoint security technologies? ESG recently put this question to 385 cybersecurity professionals. Here’s what they said:

  • 26% of cybersecurity professionals say that the most important consideration for endpoint security technology is to increase the efficacy when dealing with new types of threats. In other words, they want tools that can detect and block a higher percentage of overall known and unknown exploits and malware. 
  • 26% of cybersecurity professionals say that the most important consideration for endpoint security technology is to improve operational efficiency for end-users, IT, and the security team. This means that endpoint security technology must be much easier to deploy, configure, operate, analyze, and use on a day-to-day basis. 

Allow me to provide a bit of analysis of this data:

  1. The move toward new technologies suggests that many endpoint security tools are not blocking enough exploits and malware. This not only leads to compromised systems but also creates a lot of security/IT operations work like detecting security incidents, quarantining devices, reimaging systems, etc.
  2. These endpoint security processes exacerbate a more fundamental problem—there’s more security work than there are people to do the work. Oh, and the skills shortage is making this situation progressively worse.
  3. Yes, end-users should be encouraged to participate in strong security hygiene, but we can’t expect them to put up with security tools that disrupt their productivity.
  4. CISOs have had enough. They need new types of security tools (in this case, endpoint security suites) that increase the number of blocked threats and decrease the amount of work necessary to do so—for all involved parties. 

My colleague Doug Cahill has captured this analysis extremely succinctly. According to Doug, large organizations are looking for endpoint security suites that offer “efficient efficacy.” In this way, they promote better security while streamlining operations, making security a bit less burdensome all around.

I couldn’t say it better myself. 
