A SANS 2021 Report: Making Revolutionary Gains in Security on Your Endpoints

A SANS 2021 Report: Making Revolutionary Gains in Security on Your Endpoints

报告

Executive Summary

 

There is an internet security truism that says, “The internet is actually pretty secure—it is all those vulnerable endpoints that are the problems.” Despite years of increased spending on endpoint security, more than 70% of successful attacks still involve compromised endpoints. To keep information, customers, and businesses safe, endpoint security needs to improve dramatically.

 

Securing user devices is a complex problem, but it is not an unsolvable problem. Many enterprises have made dramatic improvements in meeting business demands for user applications and internet access, while successfully avoiding or mitigating business risks. However, no single solution or product is the answer to every organization’s endpoint security problem.

 

This SANS whitepaper details a process to evaluate your existing endpoint security strategy and move to security controls and processes that increase current levels of protection and provide a platform for staying ahead of evolving threats. The key points include:

  • Undergo a realistic evaluation of your starting point across people, process, security controls, and technology.
  • Define the needed levels of endpoint security based on business-critical technology use, IT and security governance approaches, and threat patterns.
  • Take advantage of “success factors” used by others to move to more effective and efficient endpoint protection.
  • Define and collect metrics to evaluate progress and demonstrate gains to management.