Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2019
09:30 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Where Businesses Waste Endpoint Security Budgets

Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
Previous
1 of 9
Next

(Image: Drobot Dean - stock.adobe.com)

(Image: Drobot Dean stock.adobe.com)

The endpoint security market is teeming with tools, each promising to help identify and remediate threats better than the rest. New technologies built to fix age-old issues seem a worthy investment, but as businesses are finding, there can be too much of a good thing.

"If there's a problem, there's certainly a technology you can throw at it, and there's certainly no shortage of people in Silicon Valley to tell us that it's so," says Josh Mayfield, director of security strategy at Absolute. Organizations get into a mindset of "throwing money at the problem."

The global information security market is predicted to hit $170.4 billion by 2022, Gartner reports. And as Dark Reading learned in its survey "How Enterprises Are Attacking the Cybersecurity Problem," much of organizations' security budgets are spend on endpoint security: Eighty-four percent of respondents use email security and spam filtering, 81% employ antivirus and anti-malware tools, 75% use endpoint protection, and 68% have invested in data encryption.

As the place where 70% of breaches originate, the endpoint is a prime target for cyberattacks, Absolute found in its "2019 Endpoint Security Trends Report." The most common endpoint products focus on antivirus/anti-malware, encryption, and client and patch management. Over time, as new methodologies arise and new tools appear, businesses want those as well.

The ever-changing threat landscape also influences security spend, says Gus Evangelakos, director of field engineering at Comodo. Fileless attacks are on the rise, as are "living off the land" attacks in which cybercriminals use Powershell and other tools in the environment to conduct reconnaissance and move laterally across the network after they break in.

"That's why you're seeing statistics that attackers are on the network six months before they're detected," Evangelakos says. The motivation to capture these intruders is causing companies to spend more money on more tools – but is their investment paying off? Oftentimes no, experts say. In its study of more than 6 million enterprise devices over a one-year period, Absolute researchers found much of endpoint security spend dissolves when tools eventually fail.

Here, security experts explain where organizations are misspending their endpoint budgets and how it's putting them at risk. Have any insight to add? Feel free to share in the Comments.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Salttheworld
100%
0%
Salttheworld,
User Rank: Apprentice
7/15/2019 | 12:04:40 PM
Great Content on Endpoint Security
Thank you for the post as it does hit the nail on the head with what I have seen in organizations as well. There are a lot of point solutions that different teams use which creates a disconnect when it comes to securing an environment.

I think the biggest disconnect and you briefly touched on it when you mentioned tools that "remediate" is between IT and security. a lot of the tools people invest in can detect the problem, but the "remediation" is just creating a report to hand off to another group to go fix. To me, this creates holes in keeping a compliant environment when you have to wait for someone to fix the issues and get back to you when it is finished.

Actual remediation rare and I believe tools that can help connect the IT and Security sides of the house are the tools that are most valuable and worth taking the time to look into.
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:03:22 AM
Buisness waste
This new term is really popular today because of circumstances
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:04:06 AM
Buisness waste
This new term is really popular today because of circumstances
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Lessons from the NSA: Know Your Assets
Robert Lemos, Contributing Writer,  12/12/2019
4 Tips to Run Fast in the Face of Digital Transformation
Shane Buckley, President & Chief Operating Officer, Gigamon,  12/9/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8650
PUBLISHED: 2019-12-15
python-requests-Kerberos through 0.5 does not handle mutual authentication
CVE-2014-3536
PUBLISHED: 2019-12-15
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration
CVE-2014-3643
PUBLISHED: 2019-12-15
jersey: XXE via parameter entities not disabled by the jersey SAX parser
CVE-2014-3652
PUBLISHED: 2019-12-15
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.
CVE-2014-3699
PUBLISHED: 2019-12-15
eDeploy has RCE via cPickle deserialization of untrusted data