McAfee: Changing Business Models Create Endpoint Security Gaps

CEOs rank cybersecurity as their No. 1 external concern for 2019, ahead of a potential recession.

Edward Gately, Senior News Editor

February 22, 2019


Endpoint security is now more critical than ever as enterprises’ business models shift and bring your own device (BYOD) spreads across organizations globally.

According to a recent Conference Board global survey, U.S. CEOs ranked cybersecurity as their No. 1 external concern for 2019, ahead of a potential economic recession. The survey polled more than 800 CEOs and more than 600 other C-suite executives, primarily from the United States, Asia and Europe.

To increase productivity, organizations are increasingly allowing employees to use personal devices such as tablets, laptops and smartphones for office work, according to Global Info Research. The market for BYOD and its security solutions is growing in emerging countries, given its massive potential to increase productivity, it said.

We spoke with Nathan Jenniges, McAfee’s senior director of corporate device security, about why endpoint is one of the key threats enterprise businesses need to keep in mind when building their cybersecurity strategy.

Channel Futures: Are many enterprise businesses unprepared when it comes to endpoint threats?

Nathan Jenniges: A large percentage of enterprises certainly are prepared. They have products that support identifying, detecting and protecting against the vast array of threats. The ongoing challenge for a lot of organizations is how to keep all of that up to date with the latest threat landscape. It’s continuously evolving, and the attacks and techniques are always evolving. And the ability to make sure that you’re keeping up to date on the latest operating systems, patches and security technologies from all of your security vendors that you use on those endpoints, including McAfee, is probably one of their bigger operational challenges to ensure that they have that threat landscape appropriately covered.           

CF: What are some of the common vulnerabilities?

NJ: Vulnerabilities continue to challenge across the entire software ecosystem, whether it’s the operating systems or the applications that are on top of those. We see a continued identification of those vulnerability gaps … and trying to drive a lot faster updates of those systems and helping the enterprise customers keep those updated so that any vulnerabilities that can be identified can be closed because the real challenge with those is closing that gap between when that vulnerability is identified, and when everyone is updated and protected against it.

CF: Why is endpoint one of the key threats enterprise businesses need to keep in mind when building their cybersecurity strategy?

NJ: Endpoints, whether it’s a PC or a mobile device, remain the most vulnerable point for attack because that’s where the actual end user is. A lot of attacks these days, the targeted attacks, try to take advantage of human vulnerabilities and the human is at the endpoint. So endpoint security will remain a critical element of your overall security landscape inside of an environment.

CF: What impact is BYOD having on endpoint security? Are other trends impacting it?

NJ: One that’s very familiar and we’ve certainly seen is not only BYOD, but just new models of how enterprises are enabling end users to access their business applications and data. The primary piece that’s really driving that is the transition to cloud-based services and cloud applications, which enable a lot broader set of devices to be able to access those cloud-based applications. People have moved to Office 365 or the Google productivity suite. The services can be technically accessed from any device as long as those end users authenticate in securely. So that is what I see is the predominant challenge.

Certainly BYOD is another challenge if users are using their own devices, and it presents an operational challenge for enterprises to be able to ensure that they have the right level of security on those devices and that they’re able to ensure primarily that their corporate data is protected.

CF: Is endpoint security becoming more complicated?

NJ: Endpoint security is not necessarily becoming more complicated. It’s always been an evolution since the beginning and the first endpoint security product … and continuing to try to provide the protection that you need. What I see is one of the bigger challenges that enterprises are having, especially in certain industries, is the broad array of the types of devices and operating systems that they have to support inside of their environments. That tail of computing is getting longer and longer, and providing protection across all of that consistently is a challenge for many organizations.

CF: When building an effective cybersecurity strategy that includes endpoint protection, what are some of the most effective steps to take? Are there common mistakes to be avoided?

NJ: As you’re building out an endpoint security strategy, you certainly need to start with the core fundamentals of how are you going to operationally keep those devices up to date and current with the latest software updates, ensuring that you minimize the threat landscape that can attack that device from a vulnerabilities perspective or the threat tactics.

The second piece is ensuring that you’ve got a comprehensive view of the threat life cycle on these devices and building out your piece that does your core protection, that gets the bulk of the threats out of the environment, but also recognizing that no protection product in the world is perfect. You still have to also have the piece on there to provide detection and visibility to threats that may fly under the radar … whether it’s to your dedicated security operations center or a managed partner that may be managing that security on your behalf. So it’s making sure you have detect, protect and correct, and the ability to remediate and fix anything that you’re seeing in the environment in real time.

From the mistakes perspective, probably the biggest piece is there are cases that customers are not fully utilizing the capabilities of the products that are available. A lot of that is just there’s been a lot of innovation and new capabilities on the endpoint, especially from the endpoint detection and response perspective. There’s a lot more visibility to what’s going on on endpoint than ever before, and the maturity of being able to leverage that is something we see, a lot of customers maturing from that perspective of really fully utilizing the capabilities that they do have available to them.

CF: Does endpoint security pose an increasing challenge for the cybersecurity channel?

NJ: I think the bigger challenge is as we start to really increase our visibility to the threats and the tactics, and understanding of those, the ability to detect those, that’s where the challenge comes in in terms of having the right expertise to understand what you’re seeing and to be able to detect that something needs further investigation. And there’s a lot of elements that we’re seeing coming to market to further help there because the channel side of this is obviously they’re not going to have the people or resources to scale and apply human effort to all of this. So one of the items that’s evolving to help the channel deal with this is a lot more automation-guided investigation … helping people walk through this side of understanding what’s happening on the endpoints and detecting the threats, and being able to take effective and fast remediation steps to improve the overall security posture in those environments.

CF: Looking ahead, do you see any growing trends in endpoint threats?

NJ: The key trend that they’re going to have to keep aware of is historically the bulk of the threats and attacks have been more in the end user-PC landscape, and as we’ve built up a series of technologies and capabilities in this full threat life cycle approach, we’ve made it harder to attack the primary piece where they’ve been able to enter into the enterprises. And as you harden one area, you will eventually see more investment in the attackers into other platforms and technologies. Mobile devices and IoT devices, especially as that starts to further proliferate, are probably two of the fastest-growing areas of the endpoint attack surface that enterprises need to pay attention to.

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
