Tech Journal 5 Security Risks Your Endpoints
May Be Exposed to

By  Insight Editor / 28 Jul 2021  / Topics: Devices

Security lock on computer motherboard. HP Security

As cybersecurity threats continue to evolve, so too must your business’s endpoint security strategy.

With the rapid shift to remote work, the need to keep endpoints protected has become even more challenging for both users and IT departments. According to a report by the Information Systems Security Association, more than a third of IT cybersecurity professionals say that they feel the hybrid-work arrangement leaves their organization more compromised and exposed to security threats.

This growing concern could be attributed to the fact that users and devices are now dispersed more than ever — and they’re likely to stay that way for a while. Some organizations found roadblocks in making the necessary adjustments to reduce endpoint security risk in the face of these new or unknown threats. In fact, Ponemon Institute surveyed 671 IT security professionals and found that 68% saw a noticeable increase in the frequency of attacks, with one or more successful endpoint attacks occurring in the past two years alone.

In this article, we’ll explore some of the leading reasons for why IT security must be more vigilant.

1. The workplace, and cyberthreats, are now decentralized.

It’s been a little over a year since a majority of companies sent employees home; and now every industry is slowly starting to return, but with a hybrid twist. It’s become clear that there’s going to be a split in how businesses operate moving forward: Some may remain remote long term, some will have everyone back in the office once again and others will go for a middle ground approach.

HP’s Proprietary Research report for 2020 found that at least 50% of employees are currently working from home and 98% of these workers would like to continue part-time remote work for the rest of their careers. Unfortunately, as a result of this shift, some IT pros have tracked as many as double the number of cybersecurity incidents at their organizations. Taking this into consideration, it’s no surprise that this is the reason 57% of cybersecurity professionals anticipate spending more on endpoint security in the near future.

2. Cyberattackers are drawn to unwitting employees.

Technology plays a big role in the success of a company’s cybersecurity strategy, but equally important is the awareness among employees. More than 99% of email messages distributing malware require human intervention — such as clicking on links, opening attached documents and accepting pop-up warnings. Unfortunately, once a cyberpathogen gets into a business’s IT, it can easily and quickly spread from one system to another. That’s why educating workers about these threats and how to avoid them is critical.

3. Antivirus programs are no longer enough.

Every month, there are a reported 102 million new malware threats — which breaks down to 360,000 attacks per day, or 4.2 attacks each second. After analyzing the patterns behind these everyday attacks, Ponemon Institute determined that 80% were zero-day threats with 60% of them being missed by antivirus programs. Traditional antivirus software may not be adequate at detecting and preventing these more advanced threats. That’s why a total of 85% of organizations say they prefer modern IT security products with features such as Artificial Intelligence (AI), machine learning, containerization, microvirtualization and behavior monitoring. 

4. It’s impossible to fight a breach you can’t see.

Without proper oversight of device security, it takes a while to know that you even have a problem. In general, organizations take an average of 315 days to identity and contain a breach caused by a malicious attack with only 97 of those days being spent actually patching the weak spot. Having more people working from home could increase the time it takes for an organization’s IT cybersecurity team to identify and contain a data breach by days or even months.

5. Cybersecurity experts are in short supply.

Even though there’s a growing request for cybersecurity experts, there isn’t always enough people or resources to fulfill the need. In fact, about 85% of organizations have experienced a shortfall of skilled IT security personnel; a staggering 3.5 million cybersecurity jobs are expected to remain unfulfilled by the end of 2021. For those who have continued to work throughout the pandemic, they’ve reported an increase in workload (32%) and have found that their day-to-day activities were changed to non-security related IT duties to fill company gaps (47%). Stretched thin, IT teams are splitting their time between a myriad of tasks, taking them away from their main objective.

With more than half of the organisations today reporting a lack of in-house expertise and resources around endpoint protection, there’s never been a better time to revisit your current security strategy.

Reduce organisational risk, maintain compliance and make confident technology decisions with our comprehensive strategy sessions and managed security services.

  • (ISC)² Cybersecurity Workforce Study, April 28, 2019
  • The Impact of the COVID-19 Pandemic on Cybersecurity, ISSA, July 30, 2020
  • Ponemon Institute 2020 State of Endpoint Security Report sponsored by Morphisec, January 2020
  • HP Proprietary Research, May 2020
  • CyberEdge 2020 Cyberthreat Defense Report, March 2020
  • Proofpoint Human Factor Report 2019, September 2019
  • Mimecast The State of Email Security 2020, June 2020
  • AV-Test SECURITY REPORT 2019/2020, August 26, 2020
  • 15th Annual 2020 Cost of a Data Breach Study: Global Overview from IBM Security and Ponemon Institute, July 2020
  • Based on HP’s internal analysis of isolation backed, deep learning endpoint security services including SaaS and managed services. Most advanced based on application isolation and deep learning endpoint protection on Windows 10 PCs as of July 2020. (ISC)² Cybersecurity Workforce Study, April 28, 2019
  • The Impact of the COVID-19 Pandemic on Cybersecurity, ISSA, July 30, 2020
  • HP Security is now HP Wolf Security. Security features vary by platform, please see product data sheet for details.
  • HP Wolf Pro Security Service is sold separately. For full system requirements, please visit http://www.hpdaas.com/requirements. HP services are governed by the applicable HP terms and conditions of service provided or indicated to Customer at the time of purchase. Customer may have additional statutory rights according to applicable local laws, and such rights are not in any way affected by the HP terms and conditions of service or the HP Limited Warranty provided with your HP Product. For full system requirements, please visit www.hpdaas.com/requirements.
  • HP Sure Click is available on select HP PCs and requires Windows 10. See https://bit.ly/2PrLT6A_SureClick for complete details.
  • HP Sure Sense is available on select HP PCs and is not available with Windows10 Home.
  • Security Experts available in the Proactive Security Enhanced plan only.

© Copyright 2021 HP Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express

warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial

errors or omissions contained herein.