Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2019
09:30 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Where Businesses Waste Endpoint Security Budgets

Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
Previous
1 of 9
Next

(Image: Drobot Dean - stock.adobe.com)

(Image: Drobot Dean stock.adobe.com)

The endpoint security market is teeming with tools, each promising to help identify and remediate threats better than the rest. New technologies built to fix age-old issues seem a worthy investment, but as businesses are finding, there can be too much of a good thing.

"If there's a problem, there's certainly a technology you can throw at it, and there's certainly no shortage of people in Silicon Valley to tell us that it's so," says Josh Mayfield, director of security strategy at Absolute. Organizations get into a mindset of "throwing money at the problem."

The global information security market is predicted to hit $170.4 billion by 2022, Gartner reports. And as Dark Reading learned in its survey "How Enterprises Are Attacking the Cybersecurity Problem," much of organizations' security budgets are spend on endpoint security: Eighty-four percent of respondents use email security and spam filtering, 81% employ antivirus and anti-malware tools, 75% use endpoint protection, and 68% have invested in data encryption.

As the place where 70% of breaches originate, the endpoint is a prime target for cyberattacks, Absolute found in its "2019 Endpoint Security Trends Report." The most common endpoint products focus on antivirus/anti-malware, encryption, and client and patch management. Over time, as new methodologies arise and new tools appear, businesses want those as well.

The ever-changing threat landscape also influences security spend, says Gus Evangelakos, director of field engineering at Comodo. Fileless attacks are on the rise, as are "living off the land" attacks in which cybercriminals use Powershell and other tools in the environment to conduct reconnaissance and move laterally across the network after they break in.

"That's why you're seeing statistics that attackers are on the network six months before they're detected," Evangelakos says. The motivation to capture these intruders is causing companies to spend more money on more tools – but is their investment paying off? Oftentimes no, experts say. In its study of more than 6 million enterprise devices over a one-year period, Absolute researchers found much of endpoint security spend dissolves when tools eventually fail.

Here, security experts explain where organizations are misspending their endpoint budgets and how it's putting them at risk. Have any insight to add? Feel free to share in the Comments.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Salttheworld
100%
0%
Salttheworld,
User Rank: Apprentice
7/15/2019 | 12:04:40 PM
Great Content on Endpoint Security
Thank you for the post as it does hit the nail on the head with what I have seen in organizations as well. There are a lot of point solutions that different teams use which creates a disconnect when it comes to securing an environment.

I think the biggest disconnect and you briefly touched on it when you mentioned tools that "remediate" is between IT and security. a lot of the tools people invest in can detect the problem, but the "remediation" is just creating a report to hand off to another group to go fix. To me, this creates holes in keeping a compliant environment when you have to wait for someone to fix the issues and get back to you when it is finished.

Actual remediation rare and I believe tools that can help connect the IT and Security sides of the house are the tools that are most valuable and worth taking the time to look into.
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:03:22 AM
Buisness waste
This new term is really popular today because of circumstances
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:04:06 AM
Buisness waste
This new term is really popular today because of circumstances
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "The security team seem to be taking SiegeWare seriously" 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5098
PUBLISHED: 2019-12-05
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be trigger...
CVE-2012-1104
PUBLISHED: 2019-12-05
A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.
CVE-2019-17387
PUBLISHED: 2019-12-05
An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.
CVE-2019-17388
PUBLISHED: 2019-12-05
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications.
CVE-2019-18381
PUBLISHED: 2019-12-05
Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.