CISO MAG study: 1 in 3 CISOs feel the biggest challenge of endpoint solution is its complexity

November 21, 2019: Today, the typical organization has hundreds if not thousands of endpoints: desktops, workstations, laptops, mobile phones, tablets, access points, printers, IP-cams, USB devices, credit card readers, POS devices, servers, cloud VMs, and virtual desktops. The addition of IoT devices will increase the number of endpoints even more. Traditional anti-malware, signature-based, and file-scanning solutions will not be able to keep up and manage all those endpoints. This raised concerns with organizations delving into endpoint security.

CISO MAG, an information security news website, and publication from EC-Council conducted a multiple-choice survey, in the month of October 2019 to present new research on the usage of endpoint security solutions.

3 Key takeaways

The three prominent findings that stand out in the survey are:

  1. The best of both: Half of all companies (53.19%) that participated in this survey are using both EPP and EDR solutions.
  2. Endpoint visibility: Almost half of the respondents (46.38%) want real-time endpoint and application visibility.
  3. Managed services: Two-thirds (62.55%) said their endpoint solution included managed endpoint detection services.

Some vendors are sweetening their offerings by bundling endpoint monitoring and management services. These services offer in-depth or advanced threat hunting, forensics, and remediation services.

Another key trend is that endpoint protection is now moving to the cloud, with SaaS-based services for monitoring endpoints. The demand for endpoint security services has increased as cloud security has improved. Traditionally, endpoints were centrally managed from an on-premise server communicating with agents on the endpoints. This shifts the responsibility of managing endpoints out of the enterprise and into the hands of managed security services providers (MSSPs).

Here are some key findings of the survey, indicating that many organizations still need to complete their endpoint security deployments.

Key Findings

More than half the respondents (62.98%) have been using an endpoint security solution for some time.
It is surprising to note that 14.89% are not using any endpoint security solution.
The rest of the respondents (22.13%) are either in the process of evaluating a solution, implementing a solution, or conducting pilot trials.
Almost half the respondents (46.38%) agree that an endpoint security solution offers better or real-time endpoint and application visibility.
A quarter of the respondents (25.11%) said there was increased usage of mobile devices and endpoints in their organizations.
A fifth (20.85%) agreed there was increased volume and complexity of breaches.
More than half (53.19%) are using a combination of EPP and EDR solutions while the rest are using one or the other.
Two-thirds (62.55%) said their endpoint solution included managed endpoint detection services, while a little over one-third (37.45%) said they were not using such services.
More than half the respondents (52.34%) said the main factor in deciding the type of endpoint solution they want is the technical capability of the solution.
A third of the respondents (32.77%) said the biggest challenge is the complexity of deploying, managing, and using endpoint solution.


The online survey was conducted by CISO MAG readers from EC-Council’s database. The respondents represent a cross-section of organizations from over 42 countries. Responses were received from those living in the U.S., U.K., UAE, Singapore, Egypt, and The Netherlands. Entries were also received from islands in the Caribbean Sea, such as St. Vincent & The Grenadines, and Trinidad & Tobago.

The survey was prepared in consultation with security experts and industry analysts.

Survey Respondent Profile

IT Manager/ICT Manager
Head of IT/VP IT
MIS Manager
IT Security Manager
Information Security Manager
Manager/Head of Network Security
Director of Information Security
ISO/Information Security Officer
Security Operations Officer/Operation Security Manager
Security Consultant
Cybersecurity/Security Analyst
Cybersecurity Architect
Cybersecurity Engineer
Head of IS and SOC
ICT Security, Risk & Compliance Coordinator
Head IT, Risk & Security

Read the full survey report and the latest issue of CISO MAG here.


CISO MAG is a publication from EC-Council, which provides unbiased and useful information to the professionals working to secure critical sectors. The information security magazine includes news, comprehensive analysis, cutting-edge features, and contributions from thought leaders that are nothing like the ordinary. Within the first year of launch, the magazine reached a global readership of over 50,000 readers. The magazine also has an Editorial Advisory Board that comprises some of the foremost innovators and thought leaders in the cybersecurity space. Apart from this, CISO MAG also presents a platform that reaches out to cybersecurity professionals across the globe through its Summits and Awards and Power List surveys.

About EC-Council

EC-Council has been the world’s leading information security certification body since the launch of their flagship program, Certified Ethical Hacker (CEH), which created the ethical hacking industry in 2002. Since the launch of CEH, EC-Council has added industry-leading programs to their portfolio to cover all aspects of information security including EC-Council Certified Security Analyst (ECSA), Computer Hacking Forensics Investigator (CHFI), Certified Chief Information Security Officer (CCISO), among others. EC-Council also hosts conferences across the US and around the world, including Hacker Halted, Global CISO Forum, and CISO Summit. For more information about EC-Council, please see

Share this Article
You may also like
Recent Articles

Train with EC-Council