Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2019
09:30 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Where Businesses Waste Endpoint Security Budgets

Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
Previous
1 of 9
Next

(Image: Drobot Dean - stock.adobe.com)

(Image: Drobot Dean stock.adobe.com)

The endpoint security market is teeming with tools, each promising to help identify and remediate threats better than the rest. New technologies built to fix age-old issues seem a worthy investment, but as businesses are finding, there can be too much of a good thing.

"If there's a problem, there's certainly a technology you can throw at it, and there's certainly no shortage of people in Silicon Valley to tell us that it's so," says Josh Mayfield, director of security strategy at Absolute. Organizations get into a mindset of "throwing money at the problem."

The global information security market is predicted to hit $170.4 billion by 2022, Gartner reports. And as Dark Reading learned in its survey "How Enterprises Are Attacking the Cybersecurity Problem," much of organizations' security budgets are spend on endpoint security: Eighty-four percent of respondents use email security and spam filtering, 81% employ antivirus and anti-malware tools, 75% use endpoint protection, and 68% have invested in data encryption.

As the place where 70% of breaches originate, the endpoint is a prime target for cyberattacks, Absolute found in its "2019 Endpoint Security Trends Report." The most common endpoint products focus on antivirus/anti-malware, encryption, and client and patch management. Over time, as new methodologies arise and new tools appear, businesses want those as well.

The ever-changing threat landscape also influences security spend, says Gus Evangelakos, director of field engineering at Comodo. Fileless attacks are on the rise, as are "living off the land" attacks in which cybercriminals use Powershell and other tools in the environment to conduct reconnaissance and move laterally across the network after they break in.

"That's why you're seeing statistics that attackers are on the network six months before they're detected," Evangelakos says. The motivation to capture these intruders is causing companies to spend more money on more tools – but is their investment paying off? Oftentimes no, experts say. In its study of more than 6 million enterprise devices over a one-year period, Absolute researchers found much of endpoint security spend dissolves when tools eventually fail.

Here, security experts explain where organizations are misspending their endpoint budgets and how it's putting them at risk. Have any insight to add? Feel free to share in the Comments.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Salttheworld
100%
0%
Salttheworld,
User Rank: Apprentice
7/15/2019 | 12:04:40 PM
Great Content on Endpoint Security
Thank you for the post as it does hit the nail on the head with what I have seen in organizations as well. There are a lot of point solutions that different teams use which creates a disconnect when it comes to securing an environment.

I think the biggest disconnect and you briefly touched on it when you mentioned tools that "remediate" is between IT and security. a lot of the tools people invest in can detect the problem, but the "remediation" is just creating a report to hand off to another group to go fix. To me, this creates holes in keeping a compliant environment when you have to wait for someone to fix the issues and get back to you when it is finished.

Actual remediation rare and I believe tools that can help connect the IT and Security sides of the house are the tools that are most valuable and worth taking the time to look into.
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:03:22 AM
Buisness waste
This new term is really popular today because of circumstances
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:04:06 AM
Buisness waste
This new term is really popular today because of circumstances
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8003
PUBLISHED: 2020-01-27
A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.
CVE-2019-20427
PUBLISHED: 2020-01-27
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a tgt_shortio2pages integ...
CVE-2019-20428
PUBLISHED: 2020-01-27
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter.
CVE-2019-20429
PUBLISHED: 2020-01-27
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpc_svc_unwrap_request and lustre_msg_hdr_size_v2...
CVE-2019-20430
PUBLISHED: 2020-01-27
In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client.