Efficacy and efficiency can no longer be mutually exclusive outcomes when it comes to endpoint security. Yes, organizations want their cake and they absolutely want to eat it too – they want to detect and stop more threats, but can’t take on much heavy lifting in the process. According to recent research conducted by ESG, organizations do report poor efficacy, expressed as their antivirus software being unable to detect and prevent new and unknown threats, as an endpoint security challenge. But four other issues, all operational in nature, topped efficacy as pain points, including:
- Alert fatigue: A quarter of the research respondents shared that they are spending too much time responding to alerts, many of which were false positives.
- Re-imaging: The “rinse and repeat” cycle of re-imaging may be an easy tactical out, but it takes the help desk and employee out of action, so say 23% of participants.
- Manual process: 19% of respondents lamented the lack of integration and automation between security tools, requiring them to roll their own integrations.
- Case of the Slows: Agents. Damn agents. 17% cited agents slowing down endpoints and impeding end-user productivity as their top endpoint security challenge.
So, how are organizations responding? Well, the full answer is more than can be covered in a single blog, but suffice to say they’re implementing compensating measures. The actions organizations have taken over the last two years that have had the most impact on improving endpoint security posture cover a broad spectrum:
- Awareness and training: About a quarter of the respondents stated they created or increased end-user training. Yup, business email compromises and phishing have gotten harder and harder to identify with the naked eye, hence the need to up end-user IQ for detecting these real fake emails. Another 16% noted they are training their security team on new threat types such as zero-day malware and multi-stage attacks.
- Incremental investment: Another response has been increasing spend on endpoint security.
- Experts: And 20% are sending in the cavalry by getting their security teams more involved.
- Layers: Organizations are also layering in additional controls, with about a third of organizations doing so surgically by applying such controls to their high-value assets and those more likely to be targeted.
Because of the central role endpoints play in cybersecurity attacks, endpoint security is a top-of-mind concern for IT and cybersecurity professionals. For many, as the research results scream, the requisite design center can be summed up as “efficient efficacy”: the need for new endpoint security solutions from established and emerging brands to detect and prevent a range of attacks without imposing operational overhead that disrupts the business. How? One of the key findings from this research is the central role that services play, both managed and security-as-a-service (SECaaS). More on that in a follow-on blog.