Spending on cyber security solutions has exploded in recent years. Tens of billions of dollars are now spent every year on new tools to protect companies from the threat of cybercriminals. Although the move toward greater prevention and protection is fundamentally positive, attackers are becoming more sophisticated and finding new ways to penetrate organizations.
Torsten George, VP at Absolute Software, explores the question of how companies can guarantee the integrity of devices and applications even with growing IT environments:
Research shows that cyber attacks increased by 77 percent between 2021 and 2022, and the examples we are constantly presented with remind us that despite the fact that organizations have security strategies in place, they still face threats are. This is often due to the complexity of enterprise endpoint environments and the vulnerability of mission-critical security controls. The general condition and resilience of devices and applications also play a role.
With the ever-evolving threat landscape, one-time investments in cyber security are simply not enough. The continuous visibility and thatMonitoring the current status of applications and devices is still necessary to strengthen the protection of companies and their IT assets. And even then, it’s not a foolproof way to stop cybercriminals in principle.
Organizations need to understand the increasing threats they face and take the necessary measures to effectively protect themselves, their users, devices and sensitive data. We all know that the impact of attacks on IT systems can be detrimental, and organizations are always at risk of enormous financial and reputational loss. This can only be compensated for with constantly increasing effort, while the introduction of effective and reliable security measures alone will not be enough.
The fundamental challenge
Enterprises continually face challenges in managing their complex endpoint environments . We live in a work-from-anywhere world where working five days a week within the four walls of a company is no longer the sole norm. While this evolution brings many benefits, it also means that a company’s equipment is more dispersed than ever before.
Companies are therefore now faced with the challenge of not only strictly controlling the devices, but also the applications on them. The ever-increasing number of applications makes the work of the security teams more and more difficult.
When companies invest in cyber security, it often involves multiple different types of software to create a complete and effective security posture. These are specially organized technologies for protecting end devices from potential threats: These include, for example, Unified Endpoint Management (UEM), Virtual Private Networks (VPN), Endpoint Detection and Response (EDR) and Zero Trust Network Access (ZTNA).
Enterprise devices typically have various security controls installed, as well as a variety of business and productivity applications, including those used by the enterprise and those downloaded by end users. Security teams have an overall responsibility to protect all of these applications equally.
While the purpose of security software is to function as thoroughly and directly as possible, no application is inherently immune from failure: its normal state can be compromised by many factors, from manipulation by a malicious attacker to simple fact that the software needs to be upgraded.
Research by Absolute Software, which monitored the health of security applications, found that applications are only working effectively on less than 80 percent of devices, and in some cases as little as 35 percent.
Organizations may believe they have effective security controls in place, but if they turn a blind eye to their current state, it can quickly deteriorate. The investments made to protect data run the risk of being wasted. And error-prone endpoints offer hackers an entry point to steal valuable data.
Endpoints are particularly vulnerable
The strength of an organization’s security posture is directly related to the health and resilience of devices and applications. Due to the high level of fragmentation in this sector, the average enterprise device is often months behind when it comes to installing the latest security patches.
Research has shown that up to 20,265 new software vulnerabilities were identified and reported in 2022, compared to 20,171 incidents in all of 2021. While the increase may seem small, in order to meaningfully address all of these vulnerabilities, security teams must closely monitor and update every single endpoint in an organization.
Not only does this take a lot of time, but in a working world that lacks the necessary cyber knowledge and experience, the resources and skills needed to actively combat it are not always available.
For devices running Windows 10, for example, new updates are made available by Microsoft every month on Patch Tuesday. But despite the general availability of updates, they are often neglected because companies are overwhelmed with the task of keeping every device up to date with the latest security developments every month.
While it may be easy for organizations to overlook such constant logging and intrusions, doing so exposes them to additional threats and generally reduces the effectiveness of their security measures. In fact, hackers have posted codes on the Internet that allow many people to attack a company’s devices if their vulnerabilities are not regularly patched. This basically means making it overly easy for cyber criminals.
Self-healing capabilities relieve security teams
Even if it is not a realistic goal to be able to prevent cyber attacks in principle and completely, all companies should take measures to reduce the risk of an attack as much as possible. To make this a reality, priority should be given to visibility, control, and self-healing capabilities across endpoints.
This also includes being aware of how many devices still work with outdated applications. One should be fully aware of the potential risks involved. But even if a company is aware of this, suitable countermeasures are often not taken. This is where self-healing solutions come into play, which can take over this task for a company.
Self-healing technologies can not only monitor the health of endpoints and applications, but also repair or reinstall them if necessary, without the user or the IT team having to do this themselves. This allows devices to be secured and important security controls to be up to date and working reliably.
It is in everyone’s interest that security measures are put in place that not only continuously monitor a device, but also update themselves automatically. They offer companies the best chance of being able to protect themselves effectively against cyber criminals.
