Where is endpoint security headed? How do your priorities and capabilities compare to those of your peers?
As the battle against breaches rages on, many enterprises are focused on revamping their endpoint security strategy – from enhancing efficacy to reducing complexity and agent bloat. A new webcast, “State of the Endpoint: The Buyer Mindset,” discusses the current state of endpoint security and offers insights from an all-star panel of thought leaders, including Internationally recognized cybersecurity leader and CrowdStrike Co-founder Dmitri Alperovitch, VP of Product Marketing Dan Larson, and other experts as they discuss today’s most important security issues. Join them as they explore the findings from a new research report, “Trends in Endpoint Security: A State of Constant Change,” a study conducted by ESG and commissioned by CrowdStrike and other technology vendors. The panel will provide their impressions of the data in the survey and how the viewpoints revealed mesh with current technology trends, offering insights that can help inform your security strategy going forward.
Join this webcast to learn:
-The current state of Antivirus (AV) including how many organizations are choosing to change vendors and why
-Best of breed vs. comprehensive suites – which approach do your peers prefer and what are the advantages and challenges of each?
-How solutions are affecting endpoints and your IT Security peers, including the increase in agents installed and the impact of increased complexity
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
State of Endpoint Security: The Buyers Mindset
1. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
STATE OF THE ENDPOINT: THE
BUYER MINDSET
DMITRI ALPEROVITCH: CO-FOUNDER AND CTO, CROWDSTRIKE
DAN LARSON: VP, PRODUCT MARKETING, CROWDSTRIKE
EDDIE BORRERO: CHIEF INFORMATION SECURITY OFFICER, ROBERT HALF
2. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
RESEARCH OVERVIEW
§ “Trends in Endpoint Security: A State of Constant Change”
Study conducted by ESG, commissioned by CrowdStrike and other
technology vendors
§ 385 completed online surveys
§ IT/information security professionals responsible for evaluating, purchasing, and managing
endpoint security technology products and services
§ 17% midmarket, 83% enterprise
§ Midmarket (100 - 999 employees) and enterprise (1K or more employees) organizations in North
America
§ Multiple industry verticals
§ Including business services, financial, manufacturing, and education
3. I. RENEWED FOCUS ON THE ENDPOINT
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
4. *Enterprise Strategy Group: Endpoint Security Survey 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Which of the following – if any – cybersecurity attacks has your organization experienced within the last 12 months
that specifically involved an endpoint device to some extent?”
THE ENDPOINT IS UNDER SUSTAINED ATTACK
15%
21%
22%
23%
24%
27%
28%
30%
0% 5% 10% 15% 20% 25% 30% 35%
None of the above
Ransomware
Targeted penetration attacks
Multi-stage attacks which may exploit a legitimate application to execute a
script as part of its attack chain
Fileless attacks including scripts and weaponized content that take
advantage of a legitimate application
Commodity/mass malicious software
Exploits that take advantage of vulnerabilities in legitimate, but unpatched
software
Targeted Malicious Software
(Percent of respondents, N=385, multiple responses accepted)
5. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ENDPOINT SECURITY – WHO IS IN CHARGE?
Do you expect your
organizational
model for endpoint
security to change
over the next two
years? 32%
28%
33%
0% 10% 20% 30% 40% 50%
Expect to have a dedicated endpoint
security group
Expect the SOC/security group to be
responsible
Expect it to remain with IT or no
change in responsibility
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
6. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ENDPOINT SECURITY – MORE IS BEING INVESTED
Increase
substantially, 32%
Increase somewhat
39%
Remain about the
same, 26%
Decrease somewhat, 1% Don’t know, 1%
*Enterprise Strategy Group: Endpoint Security Survey
72% of companies will increase endpoint budget over next 12 months
(Percent of respondents, N=385)
7. II. THE ENDPOINT IS CLUTTERED AND CONFUSED
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
8. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ENDPOINT SECURITY – ‘LAYERING’ CONTINUES
Has your organization purchased and deployed additional endpoint security controls from another vendor
in addition to the controls from your pre-existing antivirus vendor?
We plan to employ additional controls
in the next 12-24 months, 1%
Don't Know, 1%
Yes, we have employed
additional controls on those
endpoints we consider to be
high-value endpoints only, 32%
Yes, we have employed
additional controls for all or
most of our endpoints, 41%
No, we not employed additional
controls, 18%
We are currently evaluating
additional controls , 7%
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
9. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
MULTIPLE PRODUCTS ON THE ENDPOINT
Approximately how many unique endpoint security software products – including antivirus, device control, application control, vulnerability
scanning, and others you consider to be endpoint security products – does your organization have deployed throughout the enterprise?
24%Only 1 Endpoint Security
Product Deployed
50%2 or 3 Endpoint Security
Products Deployed
24%4 or more Endpoint
Security Products
Deployed
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
10. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
AGENT BLOAT IS REAL BLOAT
On average,
approximately how
many security agents
(i.e., antivirus and
other security
software) are installed
on a typical endpoint?
31%
51%
17%
0%
20%
40%
60%
1 Agent 2-3 Agents 4 or More Agents
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
12. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
EDR IS CATCHING HOLD
To the best of your
knowledge, has your
organization deployed
or is it considering
deploying an endpoint
detection and
response (EDR)
solution?
Yes, we are
already using
EDR extensively
35%
Yes, we are already using
EDR on a limited basis
35%
Planning on
using it
21%
No immediate
plan
9%
(Percent of respondents, N=352)
*Enterprise Strategy Group: Endpoint Security Survey
13. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
ORGANIZATIONS ARE VOTING WITH THEIR FEET
How often does
your organization
change antivirus
vendors?
76%
22%
0%
20%
40%
60%
80%
Organizations have or plan to
change their AV vendor within next
12-24 months
Have no plans
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
14. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
THE REALITY OF THE ‘UPGRADE LAG’
Does your organization
typically upgrade to the
latest version of endpoint
security software –
including antivirus
software – when your
vendor(s) introduces a
new version of their
product? 41%
38%
19%
0% 10% 20% 30% 40% 50%
Yes, immediately
Yes, within 6 months
More than 6 months
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
15. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Which of the following best represents your organization’s adoption of SECaaS for endpoint security?
SECAAS IS GAINING ATTENTION
Are planning or considering
SECaas
55%
No, plans
45%
*Enterprise Strategy Group: Endpoint Security Survey
(Percent of respondents, N=385)
16. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Why is your organization currently using or planning on/interested in using managed services for some aspects of endpoint security?
THE EXPECTATIONS FROM SECAAS
31%
32%
33%
45%
0% 10% 20% 30% 40% 50%
My organization doesn't have the right sized staff to address our
endpoint security needs so we decided to move toward a managed
security service
We believe that a managed security service for endpoint security can
help us reduce costs
My organization doesn't have the right level of endpoint security
skills to address the current threat landscape, so we decided to move
toward a managed security service
We believe that a managed threat hunting security service for
endpoint security can help us improve incident prevention, incident
detection, and incident response
(Percent of respondents, N=328, multiple responses accepted)
*Enterprise Strategy Group: Endpoint Security Survey
17. *Enterprise Strategy Group: Endpoint Security Survey 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Which of the following considerations would you characterize as having the most significant influence on your organization’s endpoint
security strategy moving forward?
MORE EFFECTIVE, MORE EFFICIENT, CLOUD-BASED SOLUTION
2%
17%
18%
19%
23%
24%
26%
26%
0% 5% 10% 15% 20% 25% 30%
None of the above
Targeted attacks on organizations in our industry
Regulatory compliance
A general organizational initiative to address cyber risk and improve information
security best practices
Employee mobility inclusive of their use of multiple devices, unmanaged devices,
and off-network, remote workplaces
The need to align our endpoint security strategy with our use of cloud computing
services
Improving the operational efficiency for end-users and the IT and security teams
Increasing the efficacy of addressing new types of threats
(Percent of respondents, N=385, multiple responses accepted)
18. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
IN SUMMARY, ORGANIZATIONS WANT
CROWDSTRIKE FALCON OFFERS
BETTER EFFICACY PROTECTING
AGAINST MALWARE AND
MALWARE FREE ATTACKS
CROWDSTRIKE FALCON DELIVERS
IT HYGIENE, PREVENTION,
DETECTION,& RESPONSE,
HUNTING AND THREAT INTEL
FROM ONE PLATFORM AND WITH
ONE AGENT
CROWDSTRIKE IS SETTING A
NEW STANDARD WITH NATIVE
CLOUD ENDPOINT PROTECTION
EFFICACY EFFICIENCY CLOUD
19.
20. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Questions?
Please submit all questions in the Q&A chat
right below the presentation slides
Contact Us
Additional Information
CrowdStrike Falcon
30-Day Test Drive
crowdstrike.com/testdrive
Coming Soon:
ESG Documents – Report and Infographic
crowdstrike.com/resources
Website: crowdstrike.com
Email: info@crowdstrike.com
Number: 1.888.512.8902 (US)