A I - DR I V E N E DR The State of Endpoint Insecurity The security professional’s job has become an endless game of cat-and-mouse, continually pursuing invisible attackers that can out-think, out-run, and outsmart most security systems. No matter how efficient and nimble the professional, the attackers are fast, too. And getting faster every day. As a result, endpoints remain vulnerable. It’s not a matter of simply adding additional security personnel. Industry-wide, the IT professional is a scarce commodity with demand far outpacing supply. By 2022, there will be a shortage of 1.8 million IT workers in the United States1, leaving companies even more short-handed to perform day-to-day tasks, much less those that are critical for security. In fact, in a recent survey conducted by ESG, the top two weaknesses of endpoint security staff were the “ability to investigate a cybersecurity incident involving an endpoint to determine root cause and the attack chain,” and “monitoring endpoint status to attain a real-time or near real-time inventory of endpoints on the network.” 2 A I - DR I V E N E DR 3 T HE STAT E O F END PO INT INSECURITY Even for organizations with ample IT staff, endpoint security stack complexity is making their job inefficient and unproductive. The average organization maintains seven different software agents installed on endpoints1. As a result, much of their IT team is forced to wade through a burgeoning thicket of binary bloat and false alerts, diverting their attention from more critical enterprise pursuits. In fact, roughly one-third of analysts’ time1 is being spent on processing alerts that have unknowingly already been processed, a huge drain on overall efficiency. ESG summarized the issue as “endpoint security staff often struggle to monitor endpoint security, investigate events, and take remediation actions in collaboration with IT operations. Given the global cybersecurity skills shortage, endpoint security solutions must improve threat prevention efficacy, simplify the investigations process, and offer automated remediation functions for cybersecurity and IT staff.” 1 CylanceOPTICS Infographic: Case for a New Approach to EDR Key Weaknesses of Endpoint Security Staff Endpoint security staff often struggle to monitor endpoint security, investigate events, and take remediation actions in collaboration with IT operations. Given the global cybersecurity skills shortage, endpoint security solutions must improve threat prevention efficacy, simplify the investigations process, and offer automated remediation functions for cybersecurity and IT staff. Original survey question: Which of the following do you consider your organization’s biggest weaknesses as it pertains to the individual(s) responsible for endpoint security? © Ability to investigate a cybersecurity incident involving an endpoint to determine root cause and the attack chain 16% Monitoring endpoint status to attain a real-time or near real-time inventory of endpoints on the network 16% Ability to remediate without re-imaging an endpoint system 14% Resource availability to deploy and configure new endpoint security tools 14% 2019 by The Enterprise Strategy Group, Inc. All Rights Reserved.