Although more than a quarter of IT security professionals believe endpoint forensics solutions could improve time and effectiveness related to incident response, not all enterprises have chosen to integrate thorough endpoint security.
In an endpoint security survey, sponsored by Digital Guardian, the Enterprise Strategy Group looked into how enterprises view their endpoint security strategies and what they're considering in the future. The data was collected from 340 online surveys with IT security professionals at large North American organizations.
More than a third of those surveyed viewed their team's constant attending to “high-priority” issues as presenting the biggest endpoint security challenge. A third also said their organizations are, “more focused on meeting regulatory compliance requirements than addressing endpoint security risks with strong controls and oversight.”
Connie Stack, chief marketing officer, Digital Guardian, said in a Tuesday interview with SCMagazine.com that security professionals are constantly reacting to threats, which doesn't allow for time to instate new solutions or reinforce endpoint protection.
“They're (IT security professionals) forced into a reactionary mode,” she said. Instead of looking ahead, they must be addressing the most pressing issue at the moment.
“The bad guys are after the data, but security professionals don't have a chance to really look at it and align their business and employee needs with the target,” she said.
Additionally, 15 percent of respondents couldn't determine which data should be classified and protected. This, Stack said, could make professionals feel overwhelmed. In reality, most data might not be sensitive and require extra solutions.
“It's harder to take that data-centric security posture, but really, as we move forward, it's a must,” she said. “The problem will persist forever.”
Healthcare providers know their patients' personal health information is a target. Manufacturers know their trade secrets and intellectual property are at-risk. Retailers know it's the credit card information.
Having this knowledge, Stack said, enterprises need to take steps toward complete endpoint security to protect critical data.
[An earlier version of this article incorrectly referred to Connie Stack as "Connie Pratt."]