
IT pros look to endpoint security to counter custom malware

IT professionals are focusing on endpoint security in the face of custom malware that is bypassing traditional perimeter defences, a survey shows

IT and security professionals plan to increase investments in endpoint detection and response (EDR) tools in the coming year, according to a survey by security firm Guidance Software.

Gartner coined the term EDR to describe tools primarily focused on detecting and investigating suspicious activities, and traces of them, on endpoints.

Some 72% of the nearly 400 respondents said they plan to increase their endpoint security budget in the next year, with 32% of those saying the increase will be “substantial”.

Most respondents said cyber attacks in the past 12 months involved methods that typically bypass traditional perimeter defences, with only 27% reporting attacks from commodity malware.

More than a quarter of respondents said they consider endpoint detection and response to be one of the most important security controls.

The majority (95%) said advanced software functionality for malware removal and system recovery without the need to reimage a system is important, with 23% citing reimaging endpoints as one of their organisation’s top endpoint security challenges.

The survey indicates the EDR market is growing and that EDR tools have become one of the most important capabilities in the enterprise security suite, as security teams seek tools to deal with security alerts, identify real threats and remediate attacks without taking endpoints offline for reimaging.


“Security professionals across all industries are facing critical attacks on their networks and are finding it more and more difficult to respond quickly and efficiently,” said Patrick Dennis, president and CEO of Guidance Software.

“While organisations can try to do everything in their power to prevent breaches, they must accept the reality that no network is completely secure. By adopting the right tools and processes for rapid detection and response, security teams can be more confident in their abilities to find and remediate issues when – not if – a breach occurs,” he said.

According to a recent article published by SearchSecurity, endpoint security advances in behaviour analytics, sandboxing and machine learning are increasing its capacity to mitigate advanced malware and play a significant role in defending the enterprise against evolving threats.
