#Japan #Tokyo #Cyber Resilience #Endpoint Security #Absolute Software

Challenges in Endpoint Security Exposed by Absolute Software's Research

Recent research conducted by Absolute Software, a leader in cyber resilience, has uncovered alarming statistics regarding endpoint security in enterprises. The report, titled "Absolute Security Resilience Risk Index 2025," analyzed anonymized telemetry data from over 15 million corporate PCs and found that approximately 22% of critical endpoint security controls fail to meet internal security policies and performance benchmarks. This significant failure rate compromises businesses' ability to defend against ransomware attacks, data breaches, and complexities in their systems.

Diminished Protective Capabilities of Security Tools

The research revealed concerning trends regarding endpoint protection platforms (EPP) and security service edge (SSE) solutions. These essential security measures are unable to consistently align with the required security protocols, resulting in increased risks of ransomware infections, data breaches, and disruptions to business operations. Companies are now witnessing a pronounced vulnerability across their systems as they rely on mechanisms that are not effective.

The Rise of Concentrated Risk

Another unsettling finding highlighted in the report is the emergence of what the industry terms "concentrated risk." This phenomenon occurs when high-performing security solutions are uniformly deployed across numerous devices, making enterprises unaware of the inherent dangers. While these solutions may have a lower frequency of failures, when they do fail, the repercussions can be devastating. This calls for resilience functions in every security control, irrespective of its performance metrics, to ensure preparedness for large-scale failures.

Delayed Patch Management

Timeliness in applying patches to vulnerabilities in Windows-based PCs has been critically delayed across industries, taking an average of two months. Organizations tend to set their schedules for vulnerability scans and patch applications independently; however, the reported delay significantly surpasses guidelines from major entities such as the Cybersecurity and Infrastructure Security Agency (CISA), which advocates for patching within 30 days. The two-month average reveals a glaring inadequacy that could lead to catastrophic repercussions.

Rapid Increase in AI Utilization

Findings further indicate a surge in access to widely used generative AI platforms from organizational PCs, totaling millions of access attempts. A significant portion of this traffic—thousands of accesses—pertains to the Chinese platform DeepSeek, which is under sanctions by various governments. This massive increase in utilization poses compliance risks and exposes organizations to threats that could lead to unauthorized content downloads and leakage of confidential information to adversaries.

High-Risk Devices Vulnerable to Cybercrime

Shockingly, the research revealed that 35% of corporate PCs remain unencrypted, 26% are missing, and 18% are harboring confidential data. This hazardous combination creates glaring security blind spots where both data and devices become vulnerable to cybercriminals. Furthermore, such inadequacies allow unauthorized users prolonged access to corporate networks, presenting opportunities for escalating threats within systems and across assets.

Insights from Leadership

Christy Wyatt, CEO of Absolute Security, commented on the findings stating, "The results indicate organizations are not effectively operationalizing their critical endpoint security controls, risking high-risk behaviors while failing to implement timely patch practices. All these factors could culminate in significant security breaches and substantial losses due to prolonged business disruptions. In today’s digitized business landscape, it is dire that executives change their mindset from a traditional preventive and detection-based strategy to one that emphasizes resilience as a core capability. This shift is vital for ensuring organizational safety, enabling rapid responses, and maintaining continuous operations."

In conclusion, Absolute Software's findings call for urgent attention to endpoint security amidst a rapidly evolving threat landscape. To obtain detailed insights about identified resilience risks and the technological measures to mitigate them, organizations can download the "Absolute Security Resilience Risk Index 2025" for free.

About Absolute Software

Absolute Software collaborates with over 28 major device manufacturers and integrates its technology into the firmware of 600 million devices, purchasing support from thousands of customers worldwide and catering to 16 million PC users. By integrating Absolute Security’s cyber resilience platform into digital enterprises, organizations can ensure secure and uninterrupted connections from anywhere during remote and hybrid work scenarios, quickly recovering from cyberattacks or disruptions. The award-winning features of Absolute Security have been recognized across multiple technology categories, including Zero Trust Network Access (ZTNA), endpoint security, and automated security posture assessments. For more information, visit Absolute Software and follow us on LinkedIn, X, Facebook, and YouTube for updates.

Future Outlook

This press release contains forward-looking statements involving risks and uncertainties. Such forward-looking information is influenced by factors such as the performance and functionality of our products and services, and may not be guaranteed.

Contact

Absolute Software Corporation Public Relations Office
TEL: 03-4405-9537
Email: Absolute-pr@next-pr.co.jp

© 2025 Absolute Software Corporation. All rights reserved. ABSOLUTE, ABSOLUTE logo, NETMOTION are registered trademarks of Absolute Software Corporation or its subsidiaries. Other names and logos may be trademarks of their respective owners.