To find out where security and IT leaders are focusing their security investments, strategies, and resources with the ever-increasing number of users and endpoints (including desktops, laptops, and mobile devices) accessing corporate networks, we conducted a survey of this year’s RSA Conference attendees. Of the nearly 100 respondents, with most holding the position of a manager/supervisor or C-level executive, more than 50 percent agreed that they were very concerned about the security of corporate endpoints given the prevalence of sophisticated attack vectors like ransomware, disruptionware, phishing and more.
Rising Security Spend and Data breaches
2019 saw a record number of more than 5,000 breaches as well as an unprecedented and unrelenting barrage of ransomware attacks in the U.S. that impacted at least 966 businesses, government agencies, educational institutions and healthcare providers at a potential cost of more than $7.5 billion. It’s no surprise, then, that global cybersecurity spending continues its steep incline – estimated to reach $174 billion by 2022 – as organizations work to thwart attackers and mitigate breaches with additional layers of security controls.
When it comes to how organizations are spending these dollars to protect sensitive data and devices, more than 80 percent of Absolute’s survey respondents at RSAC reported the use of endpoint security tools and multi-factor authentication. More than half of them also relayed that prevention remains the core area of security focus and investment, even though a recent study shows that 60 percent of data breaches are the result of vulnerabilities that the enterprise already knew about but failed to address.
Minimize the Impact with Resilient Strategies
The unfortunate reality is that cybersecurity concerns and spend continue to rise, and yet so do breaches. To best prepare for the inevitable, companies need to look for capabilities that allow their endpoints to quickly heal and bounce back if they should become compromised or removed during an attack. The organizations that adopt such a resilience-based strategy will be the ones who are able to respond and recover quickly and minimize the impact of a breach.
Other key findings from the survey included:
- Nearly three in four respondents were familiar with the concepts of ‘cyber resilience’ and ‘endpoint resilience.’
- A significant population – more than one in three – noted incident response, recovery, or resilience as the most important element of their organization’s strategy, while 55 percent said prevention was key.
- More than three in four respondents reported their organizations are using endpoint security tools, multi-factor authentication, and employee training and education to protect data, devices, and users, while less than half noted the use of tools focused on tracking missing, lost, or stolen devices or ensuring vendor / partner security.
Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints.
For more on how IT and security administrators grapple with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value, download our Endpoint Security Trends Report.