Immature security practices make endpoints an easy target in advanced cyberattacks. Security and risk management leaders should follow this guidance to evaluate their current endpoint protection and develop a prioritized roadmap to improve the resilience of their endpoints.
Cyberattacks have become more sophisticated, with threat actors using fileless attacks and identity theft to gain a foothold in the environment. However, not all organizations face the same level of business risk or start from the same baseline of endpoint protection. According to the 2021 Gartner Global Security and Risk Management Governance Survey, roughly half (48%) of the surveyed organizations struggle to find and hire cybersecurity professionals.
Obsolete practices, like relying primarily on preventive controls, such as signature-based antivirus tools, have left many organizations vulnerable to attacks. Prevention alone is not enough. A step up to continual vulnerability assessment (VA), endpoint security tuning, and detection and response are needed to strengthen the endpoint security posture. These capabilities will require increased focus on the expertise, procedures and availability of internal staff to operate these tools.
Every successful attack causes one or several issues to the business, such as disruption and damage to the organization’s reputation, financial loss, critical data loss and subsequent attacks. Regulatory issues may also occur if the data stolen contains information from customers, vendors or third parties.
How can we improve endpoint protection to mitigate these attacks? This research describes the roadmap to enhance endpoint security using five security levels, each containing the respective projects designed to secure an organization against advanced cyberattacks. Accordingly, SRM leaders responsible for endpoint security must:
- Evaluate the risks to their organization.
- Assess the attacker’s landscape.
- Develop a prioritized roadmap to achieve better protection and reduce the endpoint attack surface.
