2025AI在终端管理和安全融合中的核心作用分析报告

TheGrowingRoleofAI

inEndpointManagementandSecurityConvergence

GabeKnuth|SeniorAnalyst

ENTERPRISESTRATEGYGROUP

ApRiL2025

©2025TechTarget丿lnc.AllRightsReserved.

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence

ResearchObjectives

Organizationscontinuetofaceincreasingcomplexityinendpointmanagementandsecuritythatisdrivenbytherapidexpansionofremotework,risingdeviceandOSsprawl,vulnerabilitymanagementandincidentresponsechallenges,andcontinuingthreatslikeransomware.Atthesametime,thegrowinginfluenceofAIandautomationisreshapingbothoffensiveanddefensive

strategies—empoweringdefenderswithnewtoolswhileenablingbadactorstolaunchmoresophisticatedattacks.

Togainfurtherinsightintothesetrends,howorganizationsareattemptingtoovercomechallenges,andtheresultsoftheirefforts,EnterpriseStrategyGroup,nowpartofOmdia,surveyed364ITandcybersecurityprofessionalsinNorthAmerica

(USandCanada)responsibleforevaluating,purchasing,andsupportingendpointmanagementand/orsecuritytechnologies.

Thisstudysoughtto:

Assessthestateofendpointmanagementandsecurityaswellasthechallengesandprioritiesthatdrive

decision-making.

Comparetheresultsofthisresearchtosimilarresearchfrom2022,andrevealtrendsintheconvergenceofITandsecurityteams,devicesinuse,andexperiencedsecurityevents.

Understandtheshiftingtrendsinbuyingteamsasconvergencetakesholdaswellasfutureprioritiesandlikelyspendingintentions.

Highlightemergingtrends,threats,andsolutionsbroughtaboutbyanevolvingmarketthatisincreasinglycontendingwiththebenefitsanddangersofAI.

©2025TechTarget丿lnc.AllRightsReserved.

2

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence3

KeyFindings

OrganizationsFace

IncreasingDeviceDiversity

andManagementComplexity

PAGE4

PAGE16PAGE20PAGE23

SecurityAwarenessandEfficacyAreAffectedbyConsolidationMaturityandSkillGaps

ManagementandSecurityTool

SprawlPersistsAmidChangingToolandTeamConsolidationEfforts

PAGE9

AIandAutonomousEndpoint

ManagementShowOverwhelminglyPositiveInitialImpacts

MostUnmanagedDevicesAreNotUnmanagedbyChoice

PAGE13

StrategicInvestmentsinTechnologyandServicesAreKeytoSuccess

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

OrganizationsFace

IncreasingDeviceDiversityandManagementComplexity

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence5

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

EndpointManagementandSecurityAreBecomingMoreDifficult

Mostorganizationsaremanagingthousands—andinmanycases,tensofthousands—ofendpointdevices.Nearlythree-quarters(72%)oforganizationsreporthavingatleast1,000devicesinplay,spanninglaptops,mobiledevices,andmore.Thislevelofdevicesprawl,especiallyacrossbothmanagedandunmanagedassets,underpinstheoperationalchallengesteamsfaceastheytrytomaintainvisibility,enforcepolicies,andrespondtothreatsinrealtime.Compoundingthechallenge,employeesareusingmultipledevicestogettheirworkdone.Infact,93%oforganizationssaythetypicalemployeeusestwoormoreendpointsdaily.Thatincludeslaptops,smartphones,tablets,andotherdevices,allofwhichneedtobesecured,patched,andmonitored.

Thislevelofper-usersprawlputsadditionalpressureonITandsecurityteamsalreadystretchedthinbygrowingdevicecountsandlimitedvisibilityacrossenvironments.Becauseofthis,roughly40%ofrespondentsnotedthatendpointmanagementand/orsecurityarenowmoredifficultcomparedwithtwoyearsago.

Totalendpointdevicesinuse.

45%

27%

27%

1,000to9,999endpointdevices

10,000ormoreendpoint

devices

Fewerthan1,000endpoint

devices

Averageendpointdevicesperemployee.

35%

29%

6%

13%

8%

10%

12345Morethan5

Changeindifficultyofendpointmanagementandsecurity.

15%15%

10%

9%

Muchmoredifficult

todaythanitwastwo

yearsago

Somewhatmore

difficulttodaythanitwastwoyearsago

Nomoredifficultor

easytodaythanitwas

twoyearsago

Somewhateasier

todaythanitwastwo

yearsago

Mucheasiertoday

thanitwastwoyears

ago

EndpointsecurityEndpointmanagement

25%

21%

32%

29%

22%22%

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence6

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

TheCoreDriversBehindRisingComplexityinEndpointManagementandSecurityCanBeSummedUpinTwoWords:MoreandLess

Organizationsaredealingwithmorethreats,morefrequentOSandapplicationupdates,moredevices(bothmanagedandunmanaged),andmoreremoteorhybridworkers.Thegrowingdiversityofoperatingsystems,applications,anduserneedsonlyaddstothechallengeofmanagingandsecuringtheseworkspaces.

Ifthere’sathemearoundwhatorganizationshavelessofwhenitcomestomanagingandsecuringdevices,itincludestime,expertise,andvisibility.Respondentspointtoalackof

skilledstaff,insufficienttraining,andlimitedtimetolearnoroptimizenewtoolsascontributingfactors—highlightingagrowingresourcegapatatimewhendemandscontinuetorise.

Shortageofskilledpersonnelwithendpointmanagementknowledgeorexperience

_____________________.

30%

Thenumberandfrequencyof

applicationupdatesorpatches

hasincreased

_____________________.

26%

Topfactorsdrivingincreasedendpointmanagementcomplexity.

Thenumberand

frequencyofOSupdatesorpatcheshasincreased_____________________.

37%

Thenumberofmanageddeviceshasincreased

_____________________.

36%

Wesupportmore

remoteand/orhybrid

workerstoday

_____________________.

36%

Employeesuseanassortmentofdevices,OSes,and

applicationstodotheirjob_____________________.

32%

Difficultyprovidingsecureaccesstothird-party

resources

____________________.

29%

Complexityofregulatory

compliancerequirements

_____________________.

28%

Thenumberof

unmanageddevices

hasincreased

_____________________.

26%

Increasedaccesstoanduse

ofbrowser-basedorSaaS

applications

_____________________.

26%

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence7

Employeesuseanassortmentofdevices,OSes,and

applicationstodotheirjobs_____________________.

32%

Enduserslacktheright

securitytraining

_____________________.

27%

Topfactorsdrivingincreasedendpointsecuritycomplexity.

Thethreatlandscapehasgrownmorecomplex

_____________________.

40%

IncreaseduseofAIbythebusinessorendusers

_____________________.

40%

Thenumberofmanageddeviceshasincreased

_____________________.

36%

Wesupportmoreremoteand/orhybridworkerstoday

_____________________.

36%

Thenumberofendpoint

vulnerabilitieshasincreased_____________________.

31%

Thenumberofunmanageddeviceshasincreased

_____________________.

30%

Complexityofregulatory

compliancerequirements

____________________.

29%

Increasedaccesstoanduse

ofbrowser-basedorSaaS

applications

_____________________.

28%

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence8

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

SkillGapsandAIThreatentoMakeEndpointMattersWorse

Whilemanyorganizationsunderstandablystruggletosupportnewtechnologieswithadequatelyknowledgeableandexperiencedstaff,asignificantportionnotedheadcountgapsinbothnewerareaslikeAI/MLandcloudsecurityandtraditionalendpointmanagement,aswellasautomationandworkflowdevelopmentandIoTdevicemanagement.PerhapsmostconcerningisthatAIisenablingbadactorstotakeadvantageoftheverygapsinskillfromwhichorganizationssufferacrossavarietyofareas,inadditiontoageneralincreaseinboththequantityandsophisticationofattacks.

This,aswillbeseenlater,hasadirectinfluenceonanorganization’sabilitytomanageandprotectitself,letaloneknowwhetheritisunderattack.

Topskillgapareasforendpointmanagementandsecurity.

46%

AIandmachinelearningimplementationandoperations

38%

CloudandSaaSsecurity

32%

Modernendpointsecuritytoolsandtechnologies

31%

30%

TraditionalendpointmanagementskillsAutomationandworkflowdevelopment

30%

IoT/OTdevicemanagement

TopwaysAIisusedbyattackerstargetingend-userdevices.

41%

Increasedquantityandsophisticationofphishingandsocialengineeringattacks

37%

DevelopingAI-drivenbotsorwormsforautomatedlateralmovement

37%

Developingmalwareorransomwarethatishardertodetectoranalyze

35%

Increasingthevolumeofattacksoverall

34%

Increasingthescaleofattacksoverall

34%

Increasingthespeedoragilityofattacksoverall

ManagementandSecurityTool

SprawlPersistsAmidChangingToolandTeamConsolidationEfforts

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence10

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

ToolSprawlIsRealandDrivenbyNumerousFactors

Mostorganizationsarejugglingmultipletoolsforbothendpointmanagementandsecurity,withthemajorityusingbetweenfiveand15toolsineachcategory.Nearly30%saythey’remanaging16ormoretoolsforendpointsecurityalone.Whilerespondentswereasked

separatelyabouttheirmanagementandsecuritytools,it’slikelythatsometoolsspanbothfunctions.Still,theoveralltakeawayisclear:Teamsaresupportingalargenumberoftools,whichcanaddfriction,increasecost,andcomplicateintegration.Thefactthat21%reportusingfewerthanfivetoolsforeachcategoryhintsatsomeconsolidation—butformost,

there’sstillalongwaytogo.

Themostcommonfactorsdrivingsprawlacrossendpointsecurityandmanagementtoolsincluderequirementsspanningcustomersecurity,cyberinsurance,andindustrycompliance,aswellasspecializedtoolsforIoT/OT.

Numberofendpointmanagementandsecuritytoolsdeployed.

37%

29%

21%21%21%20%

Fewerthan55to1011to15

18%

12%11%

9%

1%1%

16to20Morethan20Don’tknow

EndpointmanagementEndpointsecurity

Toptenfactorscontributingtomanagementandsecuritytoolsprawl.

Customersecurityrequirements

Cyberinsurancerequirements

Industrycompliancerequirements

IoT/OTrequiringspecializedtools

Toolsrequiredbyimmediatecomplianceneeds

Cloudadoptionrequiringadditionaltools

Quickoremergencydeploymentsthatbecamepermanentsolutions

Legacytoolsmaintainedalongsidenewsolutions

Vendor-orpartner-mandatedtools

SeparatetoolsneededfordifferentOSordevicetypes

Respondingtospecificsecurityincidents

41%

37%

36%

36%

35%

35%

34%

33%

32%

30%

30%

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence11

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

ToolConsolidationSeenasaPositive

Eightintenorganizationsbelievethatconsolidatingendpointmanagementandsecuritytoolswouldpositivelyimpacttheirabilitytomanageandsecureendpoints,whichisapositionthatisreinforcedthroughoutthisresearch.Furthermore,50%ofrespondentsbelievethatoverlappingtoolfunctionalitiesnegativelyimpacttheirorganization’sabilitytosecureand

manageendpoints.

It’snosurprise,then,toseethattheprimaryapproachtoconsolidationtakenbyorganizationsistoconsolidateendpointmanagementandsecurityvendors,followedbyobservabilityandmonitoringtechnologies.

Toolconsolidationandfunctionaloverlapavoidancearetopofmind.

Consolidatingtoolsusedforendpoint

managementandsecuritywould

positivelyimpactourabilitytomanage

andsecureendpoints.

StronglyagreeAgree

40%

40%

Overlappingfunctionalityacrosstoolscausesproblemsthatnegativelyimpactendpointmanagementandsecurity.

StronglyagreeAgree

17%

33%

亻●

Actionstakentosupportendpointmanagementandsecurityconsolidation.

48%

Consolidateendpointmanagementandsecurityvendors

42%

Consolidateorintegrateobservabilityandsecurity

40%

39%

monitoringtechnologies LeverageAI-drivenautomationfromvendorsConsolidatedesktoporapplicationvirtualizationmanagementteamsandworkflows

36%

36%

35%

34%

33%

Engagewiththird-partyservices

PurchaseordeployUEMtechnologiesthat supportPCs,Macs,andmobiledevicesPurchaseordeploytoolsthatprovidefunctionality forbothvulnerabilityandpatchmanagementEstablishanendpointassetmanagementsystemasasinglesourceoftruth

IntegratedisparatetoolsthroughAPIs

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence12

Haveorganizationsconsolidatedteamsmanagingendpointmanagementandsecurityfunctions?

TeamConsolidationEffortsSeemtoHaveStalled

oneteamthatownsbothendpointYes,

Yes,completely(i.e.,thereisnow

Thoughtoolconsolidationistopofmind,momentumtowardoverallmanagementandsecuritymanagementandsecurity)toalimitedextent

teamconsolidationhasslowed.Whileit’sstillapriority,drivenbythedesiretoimproveoperationalefficiencyandcoordinationaswellassecurityresponsetimesandeffectiveness,thepercentageofrespondentsthatidentifyashavingcompletelyconsolidatedtheirteamsintoonehasfallen

from55%to43%overthepasttwoyears.

36%Likewise,thereisadrop-offinconsolidationaspirationsamongorganizationsthathavenotyet43%

completelyintegratedthepersonnelsupportingendpointmanagementandsecurityfunctions.55%

Specifically,thenumberoftheseorganizationsthatanticipatefullycombiningmanagementand39%

securityeffortsunderoneteamhasdroppedfrom58%in2023to44%in2025.

Forthosethathaveconsolidatedorexpectto,mostoftentheresultingteambecomespartofIT

operationsasopposedtosecurityoperations,whichcouldexplainwhysomesaytherewillalways2023202520232025

besomeproceduresthatwillbeownedbyotherteams.

AreorganizationsplanningtoconsolidateteamsmanagingendpointTeamthatownstheconsolidatedendpointmanagement

managementandsecurityfunctions?andsecurityfunction.

17%

22%60%

1%

IToperations

Security

Anewgroupcombiningbothdisciplines

Don'tknow

58%

44%46%

36%

5%

YesMaybe,buttooearlytotellNo,therewillalwaysbeprocessesand

proceduresthatshouldbeownedand

managedbydifferentendpointteams

20232025

10%

MostUnmanagedDevicesAreNotUnmanagedbyChoice

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence14

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

EndpointDeviceManagementIsaMixedBagWithSimilarlyMixedResults

Respondentsindicatedanaverageof68%oftheirorganization’sdevicesarecentrallymanagedbyITorsomethird-partyprovider.Therealstory,however,isintheunmanageddevices.Typically,unmanageddevicesfallintotwocategories:“strategically

unmanaged,”wherebysecurityisensuredviaalternativemeanslikezero-truststrategies,VPNs,browsersecurity,ordesktop

virtualization,and“unintentionallyunmanaged,”wherebydevicesgounmanagednotbecauseofastrategy,butduetooversight,

lackofvisibility,orcapabilitygaps.Theresearchshowsthat59%ofunmanageddevicesbelongtothelattercategory,whichmeansthatnearlyoneinfivedevicesinagivenorganizationarebothunmanagedandunsecured.

Percentageoftotaldevicesthatarecentrallymanaged.

23%

14%

15%13%

12%

8%

7%

1%

3%

4%

10%or

less

11%to

20%

21%to

30%

31%to

40%

41%to

50%

51%to

60%

61%to

70%

71%to

80%

81%to

90%

91%to

100%

Percentageofunmanageddevicesthatarestrategicallyunmanaged.

18%

12%

11%

10%

9%

8%

7%

6%6%

10%

10%or

less

11%to

20%

21%to

30%

31%to

40%

41%to

50%

51%to

60%

61%to

70%

71%to

80%

81%to

90%

91%to

100%

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence15

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

Visibility,Access,andComplexityToptheListofReasonsDevicesGoUnmanaged

Whenaskedaboutwhythesedevicesgounintentionallyunmanaged,organizationsindicatedconcerningtechnicalandvisibilitylimitations,alongwithothercommonchallengesrelatedtocomplexity,moredevices,andresourceconstraints.

Giventheoverallconfidenceintheirabilities,thispaintsaparadoxicalpicturethatwouldindicatethatoperationsmaynotbeasrobustastheyseem.Asisillustratedinthenextsection,thiscanresultincriticaloversights.

Topfactorsthatleadtounintentionallyunmanageddevices.

Limitedvisibilityintodeviceexistenceorlocation

_____________________.

41%

Rapiddeviceproliferationoutpacingmanagementcapabilities

____________________.

34%

Technicallimitations

preventingmanagement

_____________________.

40%

Resourceconstraints

_____________________.

32%

Third-partyorcontractor

deviceswithrestrictedaccess

____________________.

39%

Insufficienttoolsorcapabilitiestomanagethesedevices

_____________________.

30%

Complexorlegacysystemsthatresiststandardmanagementapproaches

____________________.

39%

Organizationalsilosorunclearownership

_____________________.

27%

SecurityAwarenessandEfficacyAreAffectedbyConsolidationMaturityandSkillGaps

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence17

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

PoorDeviceManagementContinuestoFuelCyberattacks,butFewerAttacksAreReported

Asignificantnumberoforganizationsexperiencecyberattacksduetounknown,unmanaged,orpoorlymanagedendpoints;however,thenumberofrespondentswhoansweredintheaffirmativeonthisisdownsignificantly.Specifically,morethanthree-quarters(77%)saidtheyhadin2023versusjustmorethanhalf(54%)in2025.

Howcanthesituationbegettingmoredifficult,withsomanyskillgapsandunintentionallyunmanageddevices,yetweseereducedcyberattacks?Theansweris,forbetterandworse:awareness.

Haveorganizationsexperiencedcyberattacksrelatedtounknown,unmanaged,orpoorlymanageddevices?

22%

15%

10%

8%

1%0%

Yes,severaltimesYes,onceMaybe,butwedon’thaveenoughNoDon'tknow

informationtoknowforsure

36%

34%

32%

20232025

43%

TheGrowingRoleofAlinEndpointManagementandSecurityConvergence18

©2025TechTarget丿lnc.AllRightsReserved.Backtocontents

Awareness(andLackThereof)ContributestoaPerceived

ReductioninSecurityEvents

Whenlookingatthoseorganizationsthathad

reportedcyberattacksthroughthelensofthe

degreeofendpointmanagementandsecuritypersonnelconsolidationtheyreportedhaving

completed,itshowsaclearconnectionbetweenconsolidationandgreaterawarenessofthe

securityeventsthathaveoccurred.Inessence,consolidatedteamsseemoreeventsbecausetheyarebetteratfindingthem,whereasgroupsthatarenotconsolidatedarenotasgoodat

identifyingthoseeventsandaremorelikelytosaytheyhaven’texperiencedany.

Frequencyofcyberattackdetectionbasedonextentofendpointmanagementandsecuritypersonnelconsolidation.

We'veexperiencedseveralcyberattackscausedbytheexploitofanunknown,unmanaged,orpoorlymanagedendpointWe'veexperiencedonecyberattackcausedbytheexploitofanunknown,unmanaged,orpoorlymanagedendpoint

35%

23%

Wehavecompletelyconsolidatedtheteamsorindividualsresponsibleforendpointmanagementandendpointsecurity(i.e.,thereisnowoneteamthatownsbothendpointmanagementandsecurity)

13%

45%

Wehaveconsolidatedtheteamsorindividualsresponsible