EDITOR ’ S QUESTION
WHAT ARE SOME OF THE CHALLENGES CIOS FACE WHEN IMPLEMENTING ENDPOINT PROTECTION STRATEGIES ?
Endpoint security management is a policy-based approach to network security that requires endpoint devices to comply with specific criteria before they are granted access to network resources . Endpoints can include PCs , laptops , smart phones , tablets and specialised equipment such as bar code readers or point of sale ( PoS ) terminals . Endpoint security management systems , which can be purchased as software or as a dedicated appliance , discover , manage , and control computing devices that request access to the corporate network .
A forecast from Gartner reflects that by 2025 , the global shortage of qualified emerging security leaders will result in a 20 % rise in salaries for even inexperienced cybersecurity leaders . Gartner states that skillset shortage is all time highest currently . According to Gartner , as the endpoint security industry continues to grow , the ever-evolving threat landscape and fast-paced technology upgrades are making it difficult for organisations to cop up . In scenarios like this , CIOs are left with two options .
Alain Penel , Regional Vice President – Middle East , Fortinet , said when a device is targeted with malware ,
While most CISOs and CIOs would agree that prevention is important , 100 % effectiveness is simply not realistic . especially ransomware , if you don ’ t react immediately the fight is over – and you will have lost . Penel said and worse , such an attack can quickly spread to other devices , and without an intervention plan in place , you will lose the chance to stop those threats from spreading like wildfire through your organisation .
“ Because of the high-profile endpoint attacks , everyone should already know that endpoints are just one of those places in the network loaded with dry tinder and high winds waiting for a spark to set it off ,” he said . “ And while most CISOs and CIOs would agree that prevention is important , 100 % effectiveness is simply not realistic . Not only is patching intermittent , but all security updates trail behind threat outbreaks , zero-day attacks can slip past security systems , and there will always be those few employees in the organisation who won ’ t be able to resist clicking on that malicious email attachment .
Yarob Sakhnini , Vice President , Emerging Markets , EMEA , Juniper Networks , said the increasingly sophisticated cyberattack landscape demands that businesses deploy a comprehensive security platform that not only unites and coordinates various threat analytics platforms but provides a simpler policy mechanism as well . “ This requires leveraging the entire network as a threat detection and enforcement tool ,” Sakhnini said . “ Most successful cyber-attacks exploit well-known vulnerabilities and security gaps on network endpoints . Unfortunately , organisations aren ’ t aware of all endpoints in their network because many are unmanaged transient BYOD , guest , or IoT devices that go undetected during periodic scans , making them invisible to most security tools .”
32 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com