Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2019
09:30 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
100%
0%

Where Businesses Waste Endpoint Security Budgets

Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
Previous
1 of 9
Next

(Image: Drobot Dean - stock.adobe.com)

(Image: Drobot Dean stock.adobe.com)

The endpoint security market is teeming with tools, each promising to help identify and remediate threats better than the rest. New technologies built to fix age-old issues seem a worthy investment, but as businesses are finding, there can be too much of a good thing.

"If there's a problem, there's certainly a technology you can throw at it, and there's certainly no shortage of people in Silicon Valley to tell us that it's so," says Josh Mayfield, director of security strategy at Absolute. Organizations get into a mindset of "throwing money at the problem."

The global information security market is predicted to hit $170.4 billion by 2022, Gartner reports. And as Dark Reading learned in its survey "How Enterprises Are Attacking the Cybersecurity Problem," much of organizations' security budgets are spend on endpoint security: Eighty-four percent of respondents use email security and spam filtering, 81% employ antivirus and anti-malware tools, 75% use endpoint protection, and 68% have invested in data encryption.

As the place where 70% of breaches originate, the endpoint is a prime target for cyberattacks, Absolute found in its "2019 Endpoint Security Trends Report." The most common endpoint products focus on antivirus/anti-malware, encryption, and client and patch management. Over time, as new methodologies arise and new tools appear, businesses want those as well.

The ever-changing threat landscape also influences security spend, says Gus Evangelakos, director of field engineering at Comodo. Fileless attacks are on the rise, as are "living off the land" attacks in which cybercriminals use Powershell and other tools in the environment to conduct reconnaissance and move laterally across the network after they break in.

"That's why you're seeing statistics that attackers are on the network six months before they're detected," Evangelakos says. The motivation to capture these intruders is causing companies to spend more money on more tools – but is their investment paying off? Oftentimes no, experts say. In its study of more than 6 million enterprise devices over a one-year period, Absolute researchers found much of endpoint security spend dissolves when tools eventually fail.

Here, security experts explain where organizations are misspending their endpoint budgets and how it's putting them at risk. Have any insight to add? Feel free to share in the Comments.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:04:06 AM
Buisness waste
This new term is really popular today because of circumstances
Lyngiten
50%
50%
Lyngiten,
User Rank: Apprentice
7/16/2019 | 8:03:22 AM
Buisness waste
This new term is really popular today because of circumstances
Salttheworld
100%
0%
Salttheworld,
User Rank: Apprentice
7/15/2019 | 12:04:40 PM
Great Content on Endpoint Security
Thank you for the post as it does hit the nail on the head with what I have seen in organizations as well. There are a lot of point solutions that different teams use which creates a disconnect when it comes to securing an environment.

I think the biggest disconnect and you briefly touched on it when you mentioned tools that "remediate" is between IT and security. a lot of the tools people invest in can detect the problem, but the "remediation" is just creating a report to hand off to another group to go fix. To me, this creates holes in keeping a compliant environment when you have to wait for someone to fix the issues and get back to you when it is finished.

Actual remediation rare and I believe tools that can help connect the IT and Security sides of the house are the tools that are most valuable and worth taking the time to look into.
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Zero Trust doesn't have to break your budget!
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31476
PUBLISHED: 2021-06-16
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...
CVE-2021-31477
PUBLISHED: 2021-06-16
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-...
CVE-2021-32690
PUBLISHED: 2021-06-16
Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This...
CVE-2021-32691
PUBLISHED: 2021-06-16
Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app functionality within th...
CVE-2021-32243
PUBLISHED: 2021-06-16
FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated).