This article aims to bring awareness to the role and impact of an effective endpoint security framework as a key information security sub-category within the current day corporate business society while battling with the trends in cybercrimes and data loss mechanisms of which may contribute to business continuity and survival.
“The average total cost of data breaches for 419 companies participating in a research conducted was $3.62 million in 2017.” – Ponemon Institute: 2017 Cost of Data Breach Study, June 2017
7 out of 10 organizations say their security risk increased significantly in 2017. – (Ponemon Institute’s 2017 Cost of Data Breach Study)
According to Gartner within the commercial scope, endpoint security is “A solution deployed on an endpoint device to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.” (Gartner, 2017). A more consumerized definition, also from Gartner states that Endpoint Security speaks to “a solution that converges endpoint device security functionality into a single product that delivers antivirus, anti-spyware, personal firewall, application control and other styles of host intrusion prevention (for example, behavioural blocking) capabilities into a single and cohesive solution.” (Gartner 2015)
In 2017, overall malware variants were up by 88 percent. - (Symantec 2018)
“Cybercrime is estimated to be responsible for organizations having over 600 million records being leaked 2015.” – IBM: 2016 X-Force Threat Intelligence Report, December 2016
All devices, such as desktops, laptops, tablets, smartphones and even servers in a data centre are recognised as endpoints and supply an entry point for the threats to their respective network. As defined earlier the primary objective of endpoint security is to adequately secure every endpoint connecting to a network to block unauthorised access and malicious attempts to enter and affect an enterprise’s network infrastructure. As more companies assume practices such as BYOD (Bring Your Own Devices) and facilitate mobile (remote) employees, their network’s security perimeter has significantly been reduced as a result.
Endpoint security provides centralized security controls with additional protection at the point of entry for many attacks as well as the point of exit for sensitive data from an enterprise’s network. The steady increase in mobile threats over the last 10 years has demanded the need for more resilient endpoint security measures within the corporate environment as staff members now depending on remotely-enabling devices to connect the company’s networks and fulfil their duties. Any compromising of these devices (endpoints) may lead to an organization becoming vulnerable to cybercrime-related activities such as DDoS (Denial of Service), Cyberterrorism, Data Compromise, Social Engineering, Spamming, Phishing and ransomware to name a few. It is these cyber-crime related activities through defects in endpoint security that will holistically have a negative effect on business continuity.
“80% of business executives believe if they had threat intelligence at the time of a breach, they could have prevented or minimized the consequence of the attack.” – Ponemon Institute: 2015 Cost of Data Breach Study, June 2016
“83% of enterprises have difficulty finding the skills they need. Unfilled security positions are expected to grow to 1.5 million by 2020.” - Ponemon Institute: Cyber Threat Intelligence Report 2015, June 2016
Business continuity is a very wide and self-explaining category, as its name suggests it speaks to how corporate enterprise or even social societies continue to evolve and adapt throughout time to maintain relevance and completeness within its industry. Even though it can be stated that they are many sub-categories of information security that may affect corporate business continuity, there’s no doubt that endpoint security would be classified as a key category based on current global trends in the cyber security world.
The lack of a proper endpoint security framework and controls within an organization could potentially lead to a compromise by one or more of the earlier mentioned cybercrime-related activities. It is the damage (such as reputational damage and loss in revenue due to fraud) done by these cybercriminal activities which will have a significant contributing impact on an organization’s business continuity regime.
Akeem Noble is an IS Auditor and IT Security Consultant at Symptai Consulting. With over 3 years of working with multiple programming languages, web scripts and CMS tools. Akeem provides support on multiple IT Security projects in which he is responsible for vulnerablity resolution.