State of Endpoint Security: The Buyers Mindset
-
Upload
crowdstrike -
Category
Technology
-
view
295 -
download
0
Transcript of State of Endpoint Security: The Buyers Mindset
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
STATE OF THE ENDPOINT: THE BUYER MINDSET
DMITRI ALPEROVITCH: CO-FOUNDER AND CTO, CROWDSTRIKEDAN LARSON: VP, PRODUCT MARKETING, CROWDSTRIKEEDDIE BORRERO: CHIEF INFORMATION SECURITY OFFICER, ROBERT HALF
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
RESEARCH OVERVIEW
§ “Trends in Endpoint Security: A State of Constant Change”
Study conducted by ESG, commissioned by CrowdStrike and other technology vendors
§ 385 completed online surveys § IT/information security professionals responsible for evaluating, purchasing, and managing
endpoint security technology products and services
§ 17% midmarket, 83% enterprise§ Midmarket (100 - 999 employees) and enterprise (1K or more employees) organizations in North
America
§ Multiple industry verticals § Including business services, financial, manufacturing, and education
I. RENEWED FOCUS ON THE ENDPOINT
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
*Enterprise Strategy Group: Endpoint Security Survey 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Which of the following – if any – cybersecurity attacks has your organization experienced within the last 12 months that specifically involved an endpoint device to some extent?”
THE ENDPOINT IS UNDER SUSTAINED ATTACK
15%
21%
22%
23%
24%
27%
28%
30%
0% 5% 10% 15% 20% 25% 30% 35%
None of the above
Ransomware
Targeted penetration attacks
Multi-stage attacks which may exploit a legitimate application to execute ascript as part of its attack chain
Fileless attacks including scripts and weaponized content that takeadvantage of a legitimate application
Commodity/mass malicious software
Exploits that take advantage of vulnerabilities in legitimate, but unpatchedsoftware
Targeted Malicious Software
(Percent of respondents, N=385, multiple responses accepted)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ENDPOINT SECURITY – WHO IS IN CHARGE?
Do you expect your organizational
model for endpoint security to changeover the next two
years? 32%
28%
33%
0% 10% 20% 30% 40% 50%
Expecttohaveadedicatedendpointsecuritygroup
ExpecttheSOC/securitygrouptoberesponsible
ExpectittoremainwithITornochangeinresponsibility
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ENDPOINT SECURITY – MORE IS BEING INVESTED
Increasesubstantially,32%
Increasesomewhat39%
Remainaboutthesame,26%
Decreasesomewhat,1% Don’tknow,1%
*Enterprise Strategy Group: Endpoint Security Survey
72% of companies will increase endpoint budget over next 12 months
(Percentofrespondents,N=385)
II. THE ENDPOINT IS CLUTTERED AND CONFUSED
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ENDPOINT SECURITY – ‘LAYERING’ CONTINUESHas your organization purchased and deployed additional endpoint security controls from another vendor
in addition to the controls from your pre-existing antivirus vendor?
Weplantoemployadditionalcontrolsinthenext12-24months,1%
Don'tKnow,1%
Yes,wehaveemployedadditionalcontrolsonthoseendpointsweconsidertobe
high-valueendpointsonly,32%
Yes,wehaveemployedadditionalcontrolsforallormostofourendpoints,41%
No,wenotemployedadditionalcontrols,18%
Wearecurrentlyevaluatingadditionalcontrols,7%
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
MULTIPLE PRODUCTS ON THE ENDPOINTApproximately how many unique endpoint security software products – including antivirus, device control, application control, vulnerability
scanning, and others you consider to be endpoint security products – does your organization have deployed throughout the enterprise?
24%Only 1 Endpoint Security Product Deployed
50%2 or 3 Endpoint Security Products Deployed
24%4 or more Endpoint Security Products Deployed
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
AGENT BLOAT IS REAL BLOAT
On average, approximately how
many security agents (i.e., antivirus and
other security software) are installed on a typical endpoint?
31%
51%
17%
0%
20%
40%
60%
1Agent 2-3Agents 4orMoreAgents
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
III. ENDPOINT SECURITY IN TRANSITION
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
EDR IS CATCHING HOLD
To the best of your knowledge, has your
organization deployed or is it considering
deploying an endpoint detection and
response (EDR) solution?
Yes,wearealreadyusing
EDRextensively35%
Yes,wearealreadyusingEDRonalimitedbasis
35%
Planningonusingit21%
Noimmediateplan9%
(Percentofrespondents,N=352)
*Enterprise Strategy Group: Endpoint Security Survey
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ORGANIZATIONS ARE VOTING WITH THEIR FEET
How often does your organization change antivirus
vendors?
76%
22%
0%
20%
40%
60%
80%
OrganizationshaveorplantochangetheirAVvendorwithinnext
12-24months
Havenoplans
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
THE REALITY OF THE ‘UPGRADE LAG’
Does your organization typically upgrade to the
latest version of endpoint security software –including antivirus
software – when your vendor(s) introduces a
new version of their product? 41%
38%
19%
0% 10% 20% 30% 40% 50%
Yes,immediately
Yes,within6months
Morethan6months
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Which of the following best represents your organization’s adoption of SECaaS for endpoint security?
SECAAS IS GAINING ATTENTION
AreplanningorconsideringSECaas55%
No,plans45%
*Enterprise Strategy Group: Endpoint Security Survey
(Percentofrespondents,N=385)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Why is your organization currently using or planning on/interested in using managed services for some aspects of endpoint security?
THE EXPECTATIONS FROM SECAAS
31%
32%
33%
45%
0% 10% 20% 30% 40% 50%
Myorganizationdoesn'thavetherightsizedstafftoaddressourendpointsecurityneedssowedecidedtomovetowardamanaged
securityservice
Webelievethatamanagedsecurityserviceforendpointsecuritycanhelpusreducecosts
Myorganizationdoesn'thavetherightlevelofendpointsecurityskillstoaddressthecurrentthreatlandscape,sowedecidedtomove
towardamanagedsecurityservice
Webelievethatamanagedthreathuntingsecurityserviceforendpointsecuritycanhelpusimproveincidentprevention,incident
detection,andincidentresponse
(Percentofrespondents,N=328,multipleresponsesaccepted)
*Enterprise Strategy Group: Endpoint Security Survey
*Enterprise Strategy Group: Endpoint Security Survey 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Which of the following considerations would you characterize as having the most significant influence on your organization’s endpoint security strategy moving forward?
MORE EFFECTIVE, MORE EFFICIENT, CLOUD-BASED SOLUTION
2%
17%
18%
19%
23%
24%
26%
26%
0% 5% 10% 15% 20% 25% 30%
None of the above
Targeted attacks on organizations in our industry
Regulatory compliance
A general organizational initiative to address cyber risk and improve informationsecurity best practices
Employee mobility inclusive of their use of multiple devices, unmanaged devices,and off-network, remote workplaces
The need to align our endpoint security strategy with our use of cloud computingservices
Improving the operational efficiency for end-users and the IT and security teams
Increasing the efficacy of addressing new types of threats
(Percent of respondents, N=385, multiple responses accepted)
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
IN SUMMARY, ORGANIZATIONS WANT
CROWDSTRIKE FALCON OFFERS BETTER EFFICACY PROTECTING
AGAINST MALWARE AND MALWARE FREE ATTACKS
CROWDSTRIKE FALCON DELIVERS IT HYGIENE, PREVENTION, DETECTION,& RESPONSE,
HUNTING AND THREAT INTEL FROM ONE PLATFORM AND WITH
ONE AGENT
CROWDSTRIKE IS SETTING A NEW STANDARD WITH NATIVE CLOUD ENDPOINT PROTECTION
EFFICACY EFFICIENCY CLOUD
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Questions?Please submit all questions in the Q&A chat
right below the presentation slides
Contact Us
Additional Information
CrowdStrike Falcon30-DayTestDrive
crowdstrike.com/testdrive
ComingSoon:ESGDocuments– ReportandInfographic
crowdstrike.com/resources
Website: crowdstrike.comEmail: [email protected]: 1.888.512.8902 (US)