Virtualization Technology News and Information
Article
RSS
Ziften Technologies 2019 Predictions: Endpoint Security from Edge to Cloud

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual VMblog.com series exclusive.

Contributed by Logan Gilbert, vice president of products, Ziften Technologies

2019 Predictions for Endpoint Security from Edge to Cloud

If 2018 taught the industry anything, it is that endpoint security isn't a fair fight. Companies have to protect each and every endpoint, while attackers only need to breach one. That might explain why attackers love your endpoints.

In 2019, a trio of key elements protects the enterprise, starting with multi-factor authentication, end-user awareness training, and the deployment of proper endpoint visibility tools with posture hardening and protection.

Here are 4 trends in endpoint security for 2019:

1.  Endpoint Security for Servers, and Cloud

Endpoint security isn't just for endpoints. As EDR and endpoint security become more synonymous, expect to hear more about endpoint security delivering on the unique demands of cloud workload protection and virtualized resources (VMs). Much of the focus of EDR has been on end-user client devices or what most think of when they hear the term "endpoints". But the same need exists for on-premises Windows and Linux servers, and for virtual and container workloads in private or public cloud environments. Common endpoint security solutions across all of these "endpoints" is starting to occur and will become more universal.

2.  Machine Learning (ML) for Improved Endpoint Protection

Machine learning, or what is often referred to in marketing materials as artificial intelligence (AI), is all the rage in the cyber-security world and that is also the case in endpoint security. But I don't mean to belittle the topic, as it's a very important endpoint security trend that is not going away. Roark Pollock addresses the topic well in the following excerpt from his blog titled "The Growing Role of Artificial Intelligence in Cybersecurity."

3.  Endpoint Agent Consolidation.

Endpoint security has been undergoing consolidation from the very early days, and it continues today. In the early days anti-virus and anti-malware and personal firewall products were being consolidated into a single suite. Now we're seeing consolidation of siloed endpoint security tools into a single agent that enables centralized management of these multiple security functions. Regardless of the functions being incorporated into a single agent, the emphasis is on simplifying the overall solutions for customers.
There is a baffling number and type of tools today that profess to offer or help with endpoint security each of which have their own individual agent running on the endpoint. That explains why companies report to having ten or more agents running on their endpoints for a wide array of security functions. Thus, endpoint security vendors are responding by simplifying their offerings and consolidating their functionalities into a single agent.

4.  Rapid Consolidation of EPP and EDR

Similar to the consolidation happening at the endpoint agent level, there is also a massive move underway in the endpoint security market with the consolidation of what Gartner refers to as endpoint protection platforms (EPP) and endpoint detection and response (EDR). Established EPP / tradition AV vendors are rapidly moving to add EDR capabilities. While dedicated contemporary EDR vendors are adding prevention capabilities. This is bringing about a rapid consolidation of these heretofore massive individual markets. 

Today, companies want endpoint security solutions that combine pre-execution prevention, post-execution detection, and response / remediation capabilities at a minimum into one, holistic solution. Currently, Gartner estimates that "approximately 40% of EDR deployments are using both EDR and EPP from the same vendor." Assuming this trend continues, we can probably expect to see this number increase in future years.

Conclusion:

When it comes to EDR, the more you know and the wider you cast its net, the more successful your enterprise will be in protecting from outside attacks. Do the following three things to help protect all your endpoints:

1. Deploy multi-factor authentication.
2. Conduct regular end-user security awareness training.
3. Deploy endpoint security providing visibility, posture hardening, and protection.

##

About the Author

 

Logan Gilbert serves as vice president of products for Ziften Technologies of Austin TX, where he is responsible for leading the security solution vision from conceptualization to delivery to provide customers with unprecedented endpoint protection and visibility. Gilbert is a 20 year security industry veteran with direct experience as a technology solution architect and CISO, a product leader, business development executive and a network security analyst. Prior to joining Ziften, Gilbert worked at 21CT, leading several research and development efforts for Department of Defense (DOD) research organizations, including research related to cyber security, from which he earned his first patent (U.S. Patent 7,530,105: Tactical and Strategic Attack Detection and Prediction). Several of these efforts transitioned as operational solutions still in use by his former customers at the 25th Air Force and other intelligence agencies. Logan held a Top Secret clearance during his time at 21CT. Gilbert holds a Bachelor of Science, from the University of Texas, College of Computer Science.

Published Friday, January 25, 2019 7:25 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<January 2019>
SuMoTuWeThFrSa
303112345
6789101112
13141516171819
20212223242526
272829303112
3456789