As I’ve written several times, endpoint security used to be synonymous with a single software product category – antivirus software. As a result, the endpoint security market was really dominated by five major vendors: Kaspersky, McAfee, Sophos, Symantec, and Trend Micro.
Fast forward to the past few years and APTs, sophisticated malware, targeted attacks, and zero-day exploits are now changing the endpoint security landscape.
This situation is illustrated in a recently published ESG research report titled The Endpoint Security Paradox (note: I am an ESG employee). As part of this research, ESG surveyed 340 IT and security professionals working at enterprise organizations (i.e. more than 1,000 employees). Survey respondents were asked whether they agreed or disagreed with a series of statements about endpoint security. Here are three data points that characterize the state of endpoint security:
- 80% of security professionals strongly agree or agree with the statement: “Managing endpoint security processes and technologies has become more difficult over the past few years.”
- 63% of security professionals strongly agree or agree with the statement: “There is no single endpoint security vendor that delivers a product suite that can meet all of my organization’s requirements.”
- 41% of security professionals strongly agree or agree with the statement: “We can’t really secure endpoints as we’d like to because endpoint security requires too many specialized products/agents.”
Taken together, infosec pros are saying that endpoint security is getting harder and they don’t believe they have anywhere to turn for answers. From a market standpoint, this means that:
- The AV five have some marketing work to do. In reality, AV products contain numerous features that most users either don’t know about or don’t use. To bridge this gap, Kaspersky, McAfee (Intel Security), Sophos, Symantec, and Trend must educate customers on product capabilities, add new features for advanced malware prevention/detection, and crank up their marketing machines to gain more visibility and change minds in the market. This to-do list is also applicable for others equated with AV, like Malwarebytes, Microsoft, and Webroot.
- Upstarts should pounce on market perceptions and opportunities. Established vendors (e.g. Cisco, FireEye, IBM, Palo Alto, etc.) and VC-backed startups (e.g. Confer, CrowdStrike, Cylance, Digital Guardian, Viewfinity, etc.) should try to convince skeptical security pros that they offer the whole enchilada. One of these vendors will likely have the chutzpah to suggest that users replace AV with their new-wave endpoint security wares.
- Professional services will shine. The ESG research also reveals that 57% of enterprise organizations use professional and/or managed services for some aspect of endpoint security (more on this soon). This means that services pros like CSC, Dell SecureWorks, HP, Unisys, and Verizon could swoop in to help overwhelmed CISOs lighten their workloads. The services angle may also work for Symantec as it has the portfolio to shift customers from AV to managed services.