New SANS True Cost of Endpoint Security Research Finds Patching Is Still a Major Pain Point for Security Pros

BETHESDA, Md., July 19, 2018 /PRNewswire/ -- A new study from SANS Institute, available July 26, examines endpoint management costs and issues in today's enterprises, including patching, lack of visibility and complexity. The research report also looks at upfront and hidden costs associated with endpoint management, as well as security concerns for when management goes awry.

"Endpoint management remains a critical security vector for most organizations," says Matt Bromiley, SANS Analyst, incident responder and the author of the survey report. "Numerous factors come into play in determining the success and cost of endpoint management efforts. Organizations need to consider all aspects of 'costs' when considering solutions: up-front costs, training, efficacy, ease of use and ongoing maintenance costs, for example."

The research found that organizational size and complexity, based on the number of operating systems in use, must be considered when organizations choose endpoint management tools. Size and complexity also relate to the lack of visibility that respondents reported, with 33% of respondents taking more than two days to detect security incidents, including patch noncompliance, configuration drift, query reconfiguration or indicators of attack/compromise.

Timely application of patches, typically accepted as an indicator of good cyber hygiene, remains an issue. Almost one-quarter (25%) of respondents have policies that allow at least one month for routine patching of their servers, and 11% need longer than that to install emergency or high-priority patches. For workstations, the policies are a bit more stringent, with 11% allowing more than a month to install emergency patches. A similar percentage take that long for routine patching.

"Even with the majority being able to patch within a month, the importance of timely patching has not diminished," continues Bromiley. "The lengthy time needed for applying patches is a concern, particularly for servers, because server-side vulnerabilities are often exploited for initial attacker foothold, providing a platform from which to pivot into other areas of the organization."

Full results will be shared during a Thursday, July 26 webcast at 4 PM EDT, sponsored by IBM Security, and hosted by SANS. Register to attend the webcast at www.sans.org/webcasts/107095

Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and endpoint security/incident response expert, Matt Bromiley.

Tweet This:

SANS True Cost of Endpoint Survey Results Released | July 26 @ 4 PM Eastern | Register to attend: www.sans.org/webcasts/107095

Visibility and Patch Application Key to Endpoint Security | Learn more on July 26 @ 4 PM Eastern | Register at www.sans.org/webcasts/107095

Explore the Costs of Endpoint Management | July 26 @ 4 PM Eastern | Register at www.sans.org/webcasts/107095

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)

SOURCE SANS Institute