Organizations should select security products that provide superior security value, not just in terms of monetary cost but also in terms of their security effectiveness. Security effectiveness is measured by the technology’s ability to deliver on these three core capabilities, at a minimum:
Does the technology deliver on the security function that it is intended and expected to perform?
There are two primary attack vectors used to compromise endpoints: malicious executables (malware) and vulnerability exploits. Effective endpoint security technology or products must prevent malware and exploits from compromising endpoints and servers. They must also prevent known and unknown variants of each malware and exploit.
Does it prevent attackers and users from bypassing its security functions?
No endpoint security tool or technology, or any security tool or technology, is built with the intent of being easily bypassed. If an attacker and/or end users are able to circumvent the technology’s intended function, then the solution is not serving its ultimate purpose. An effective endpoint security platform should not enable attackers to bypass the security function, as well as cause performance issues that would result in users disabling components.
Does it evolve to accommodate and protect new applications, systems and platforms?
The frequency of cyberattacks several decades ago was low, as was the sophistication of the malware and attack methods. Endpoint security tools were designed to pre-vent viruses from infecting a system. However, today’s threat landscape is radically different and has relegated endpoint security tools, like antivirus, to reactive detection and response tools. Security products need to adopt a proactive approach in order to adequately secure the endpoint. There needs to be a focus on prevention in order to reduce the frequency and impact of cyber breaches.
Organizations should select security products that deliver meaningful security value as measured by the effectiveness of the products’ ability to meet the three above requirements.