The Challenge of Endpoint Security
By all accounts, dealing with endpoint security is only going to get harder. In fact, according to an article by Ben Canner on SolutionsReview, it “looks poised to become more complex” in 2020. What new elements can make it even more challenging to implement?
For one, organizations must adapt to the increasing complexity of hackers and their cyberattacks in 2020. Hackers never sleep; instead, they continually work to improve their cyberattacks, constantly evolving the threat landscape. Therefore, “your business must deploy an endpoint security solution that can keep up with this deluge of malware,” explains Canner.
What’s more, companies must adapt to the changing technological landscape when considering cybersecurity. Different devices and network connections require different endpoint capabilities to protect them. “After all,” writes Canner, “the threats facing these new technologies won’t resemble the threats of the past.”
Louis Columbus, writing on Forbes, goes even further, suggesting that protecting endpoints will be paramount in the future. “Attacking endpoints with AI, bots, and machine learning is gaining momentum with cybercriminals today with no signs of slowing down into 2020, making endpoint security a must-have cybersecurity goal for next year.”
Cyberattacks are Getting More Sophisticated
Cyberattacks are growing more complex and difficult to prevent, and this will only accelerate in the future, thus making endpoint security a top goal in 2020. Cybercriminals, Columbus explains, are using structured and unstructured machine learning algorithms to hack organizations’ endpoints with increasing frequency. “Endpoint attacks and their levels of complexity will accelerate as cybercriminals gain greater mastery of these techniques,” he notes.
Simple economics come into play, as well. Some sources say that cybercrime costs the global economy $400-plus billion a year, with the cost of an average data breach expected to exceed $150 million by 2020. The cost of cybercrime will continue to increase as more businesses and consumers migrate to the cloud, notes an article on World Wide Technology.
In response to all of this, observes Columbus, endpoint protection providers are adopting machine learning-based detection and response technologies; providing more cloud-native solutions that can scale across a broader range of endpoints; and designing in greater persistence and resilience for each endpoint.
He also points to a recent IDC survey, Do You Think Your Endpoint Security Strategy Is Up to Scratch?, which says that “companies should seek to build resilience—on the assumption that breaches are inevitable—and look for ‘security by design’ features that facilitate or automate detection and recovery.” IDC surveyed 500 senior security executives globally.
Protect Your Organization from Threats
WWT suggests that “the easiest way to examine endpoint protection solutions is to look at those designed to secure endpoints before an attack versus those focused on containing a breach after an attack. An endpoint protection suite (EPS) covers the window of compromise between vulnerability and breach and is the best defense before a breach occurs. This suite will deliver the critical security components, while providing security intelligence, operational availability and maximising business productivity.”
Another survey, this one from SANS, shows that, while conventional devices such as desktops and servers represent the largest segment of endpoints connected to the network, come 2020 and beyond, the number and variety of endpoints will grow quickly. “Building security and control system devices are being gathered under the umbrella of endpoint management, and business needs are driving the inclusion of both employer-owned and employee-owned mobile devices,” SANS reports.
Organizations are still being compromised, it says, with the primary target data being logins, access control, and sensitive information. Accordingly, the most common device targets will be desktops, laptops, and servers, since they are most likely to contain that kind of information. Regarding the future: “As mobile devices become more prevalent on company networks, these devices are likely to become targets more often.”
How to Manage Endpoint Security in 2020
What needs to change in 2020, according to the IDC research, is that many organizations must manage endpoint security strategically, replace an inconsistent approach across different endpoint types with a consistent one, and begin to fully comprehend the risks associated with all endpoints.
Not doing so “results in inadequacies in processes and procedures, such as failing to include security capabilities in endpoint procurement requirements or retaining legacy devices even after they are found to have intrinsic security vulnerabilities,” IDC writes.
In the coming years, organizations need to understand that when acquiring new devices, security must be a primary consideration, not one that trails factors such as cost and performance. “What organizations fail to appreciate,” states IDC, “is that once an endpoint has been compromised and provided an entry point to their network, the cost and damage to the business can be far greater than the savings they made or gains they achieved.”
So, what are some of the issues to be on the lookout for as we begin the ’20s in a couple of months? The IDC research offers up these:
- Threats to endpoints come at all levels (firmware, BIOS, OS, application layer)
- Firmware-level malware infections threaten all endpoints from PCs to printers
- Intrinsically vulnerable devices should be retired according to strictly enforced policy
- Start with good security hygiene across PCs and printers
- Incorporate endpoint security within overall cybersecurity strategy and ensure you remain up to date with threat trends
- Include all endpoints equally in the endpoint security plan, not just PCs