
Organizations Looking to Invest in Endpoint Security to Improve Incident Response, Detection

A new survey by Enterprise Strategy Group found that improving incident response and detection are driving plans to invest in endpoint security technologies in 2015.


The research fielded answers from 340 IT and information security professionals working at organizations with 500 employees or more. Eighty-five percent said their organization plans to spend more on endpoint security, with improving incident response (29 percent) and detection (29 percent) cited as the two key reasons. Mitigating risk from targeted attacks was cited by 24 percent.

According to Enterprise Strategy Group (ESG), traditional endpoint security such as antivirus and host-based firewalls that rely on exact-match signatures and rules is struggling to keep up with the techniques used by today’s attackers.

“The ever-changing threat landscape, combined with rapidly expanding networks and a surge in the number of endpoints in an organization, are creating unique challenges for organizations,” said Jon Oltsik, senior principal analyst at ESG and the author of the research report, The Endpoint Security Paradox, in a statement. “As hackers develop new cyber-attack methods, it’s critical that organizations embrace a holistic, proactive approach to prevent, detect, and respond to endpoint security threats.”

That idea is reinforced by some of the other stats in the report. For instance, 38 percent said their security teams spend a lot of time “firefighting” incidents instead of conducting proactive process improvement or endpoint security strategy. Another 29 percent said endpoint security is based upon too many manual processes, and more than one-third of organizations see endpoint security as a task to achieve compliance requirements.

Sixty-six percent said they have reevaluated endpoint security policies, processes and tools to come up with a plan for improving endpoint security, and more than half (56 percent) have already purchased new endpoint technologies in addition to those used in the past.

In addition, one-third of respondents are integrating endpoint forensics solutions with network forensics and/or security analytic tools on a significant level, while another 39 percent are integrating endpoint and network forensics on a limited basis.

In an email to SecurityWeek, Oltsik said ESG is seeing investment in a few areas: advanced malware protection (companies like Bromium, Bit9 + Carbon Black and Invincea); advanced malware detection (Malwarebytes, CrowdStrike and Cylance); and endpoint forensics (vendors such as Hexis Cyber Solutions, Guidance Software, Bit9 + Carbon Black and EMC’s RSA security division).

“Some tools combine multiple elements of these features like Confer, Triumfant, Viewfinity, Digital Guardian,” he added. “These market trends are in response to the thought that AV alone is no longer enough.”

“Investments in endpoint are necessary as the endpoint is where valuable sensitive information such as customer personally identifiable information and corporate intellectual property is located, and where an attacker’s malware ultimately resides,” said Anthony DiBello, director of security at Guidance Software, which sponsored the survey. “Organizations are not looking for ways to identify known attacks, they are looking for ways to proactively root out evasive threats before they have a chance to disrupt the organization, and that cannot be achieved with anti-virus, host based IDS, authentication controls or other legacy endpoint technologies.”
