The ever-evolving and complex cybersecurity threats facing public and private sector organizations today require a layered approach to endpoint security, according to a new report by IT solutions provider Trace3.
The report, Solution Trends in Endpoint Security, said the layered approach should be comprised of four key components: endpoint protection platforms, endpoint threat detection & response, threat isolation, and exploit technique mitigation.
“In today’s complex threat environment, companies need to adopt a comprehensive, layered approach to security, which is a challenging task in such as rapidly evolving, crowded market,” said Mark Campbell, VP of Trace3 Research. “It’s critical that companies assess their individual security vulnerabilities and needs, and then design a solution that leverages some of the most innovative security solutions on the market.”
“Our research finds that a significant piece of the market still focuses heavily on malware protection, even as detection is becoming more important,” Campbell added. “Since there is no 100 percent effective prevention solution, detection products should be a key area of attention when beefing up a layered endpoint security stack.”
Trace3 made several predictions regarding the direction of the endpoint security market. First, endpoint security solution providers will operate in an increasingly crowded and well-funded market space. Furthermore, the demand for a consolidated platform is on the rise, but will likely not be a reality in the near-future.
The company believes Microsoft will be a major target for endpoint attacks; consequently, Windows 10 is expected to add substantial built-in prevention, detection and operational features. Additionally, organizations will increasingly turn to open-source and built-in OS features as their primary anti-malware solution instead of investing dollars in traditional antivirus solutions.
The company also expects to see more interest in automation and orchestration. However, “endpoint security will not reach a ‘hands off’ level of maturity in the foreseeable future.”
The report provided a number of recommendations to improve endpoint security including focusing on both prevention and detection, tailoring solutions to the individual users, choosing platforms complementary to the user’s network and other security solutions in use, and conducting an assessment before replacing traditional antivirus solutions to ensure they are not needed or required.
In addition, it is crucial to keep in mind that many security breaches occur through unsecured endpoints outside of an organization’s control, such as employee personal devices. Enterprise security strategies must address this reality.