Endpoint security used to be a quasi “set-it-and-forget-it” category at many enterprise organizations. The IT operations team would provision PCs in an approved secure configuration and then install AV software on each system. Of course there were periodic security updates (vulnerability scans, patches, signature updates, etc.), but the endpoint security foundation was set and dry by then.
As Bob Dylan once sang, “the times they are a-changin’.” CISOs realize that these legacy endpoint security methods are no longer enough, so they are thoroughly altering endpoint security across their organizations.
ESG is about to publish some new research on endpoint security that illustrates the depth and breadth of some new activities (note: I am an ESG employee). For example, over the last 2 years:
- 66% of organizations say they have re-evaluated their endpoint security policies, procedures, and tools to create a plan for improving endpoint security
- 59% of organizations say they have trained their security team on new malware threats and endpoint security best practices
- 59% of organizations say they have implemented technologies for endpoint profiling and/or continuous monitoring
- 57% of organizations say they have increased the allocation of infosec budget earmarked for endpoint security and associated activities
- 56% of organizations say they have created or increased end-user training programs to better educate them about cyber-threats
- 56% of organizations say they have purchased new endpoint security products in addition to those they’ve used in the past
- 56% of organizations say they have increased network segmentation to enhance endpoint security protection
Clearly, all is not well in endpoint security land, but many organizations are addressing problems head-on across the organization and IT infrastructure. While this is good news overall, the ESG research indicates a lot of haphazard and tactical activities that may lead to further problems down the line.
Rather than panic, CISOs must take the time to align endpoint security with their overall enterprise security strategy. This will require an integrated architecture where endpoint security interoperates with network security, threat intelligence, and security analytics. Those that are not up for this challenge should seek immediate help from service providers.
More soon. There is a lot of intriguing endpoint security research data to blog about!