Most IT and security teams would agree that ensuring endpoint security and network access security applications are running in compliance with security policies on managed PCs should be a basic task.
A new report from Absolute Security, based on anonymised telemetry from millions of mobile and hybrid PCs that run its firmware-embedded solution, found a lot of the market is falling well short of best practice.
The 2024 Cyber Resilience Risk Index report found that, if not supported by automated remediation technologies, top endpoint protection platforms and network access security applications are failing to maintain compliance with security policies 24% of the time across its sample of managed PCs. When combined with data showing significant delays in patching applications, Absolute Security argued organisations may be ill-equipped to make the landmark shift to AI PCs, which would require significant resourcing and direct attention away from these foundations of cyber security.
Findings detail basic security tool and patching problems.
Absolute Security's report looked at data from more than 5 million PCs from global organisations with 500 or more active devices running Windows 10 and Windows 11.
It uncovered findings that should concern IT and cyber security teams.
Essential endpoint security tools failing to measure up to security policies.
Absolute Security looked at how organisations deployed endpoint security platforms like CrowdStrike, Microsoft Defender Antivirus, Microsoft Defender for Endpoint, Palo Alto Networks' Cortex XDR, Trend Micro's Apex One, SentinelOne's Singularity and Sophos' Intercept X. SEE: The top 8 advanced threat protection tools and software available in 2024.
It also looked at the use of leading zero trust network security applications, including Citrix's Secure Private Access, Cisco's AnyConnect, Palo Alto Networks' GlobalProtect, Zscaler's Internet Access offering and Netskope's ZTNA Next.
Organisations are still falling far behind of their patching ambitions.
Absolute Security found patching times varied by sector.
Realising AI PC advantages will depend on executing on security.
Absolute Security said the ability for a new breed of AI PCs to handle large data sets and language model processing locally would allow more data to be kept locally on enterprise-owned assets rather than with third-party cloud hosts.
The firm said this would depend on properly functioning security and risk controls on the endpoint devices.
The report recommended that enterprises investing in AI-capable PC rollouts take steps to ensure maximum efficiency across IT, security and risk procedures.
Absolute Security warns against over reliance on existing tools.
Absolute Security recommended CISOs and IT deploy solutions that monitor, report and help repair endpoint and network access security applications in as near real-time as possible.
When it came to patching systems, Absolute Security warned standard vulnerability management platforms may not verify if assets are in compliance with security policies or performing as expected, even if fully patched.
As AI PCs are invested in and rolled out in greater numbers, Absolute Security suggested enterprises take steps to ensure maximum efficiency across IT, security and risk procedures, including repair and restoration of security applications as well as rollout and management processes.
Efficiency gains will ensure that IT and security teams are able to focus on providing the maximum defense against threats.
This Cyber News was published on www.techrepublic.com. Publication date: Mon, 13 May 2024 19:43:06 +0000