2025AI在端点管理与安全融合中的关键作用分析报告

TheGrowingRoleofAIinEndpointManagement

andSecurityConvergenceGabeKnuth|SeniorAnalystENTERPRISESTRATEGYGROUPapril2025©2025TechTarget,Inc.All

Rights

Reserved.TheGrowingRoleofAIinEndpointManagementandSecurityConvergenceResearchObjectivesOrganizationscontinuetofaceincreasingcomplexityinendpointmanagementandsecuritythatisdrivenbytherapidexpansion

ofremotework,risingdeviceandOSsprawl,vulnerabilitymanagementandincidentresponsechallenges,andcontinuingthreats

likeransomware.Atthesametime,thegrowinginfluenceofAIandautomationisreshapingbothoffensiveanddefensivestrategies—empoweringdefenderswithnewtoolswhileenablingbadactorstolaunchmoresophisticatedattacks.Togainfurtherinsightintothesetrends,howorganizationsareattemptingtoovercomechallenges,andtheresultsoftheir

efforts,EnterpriseStrategyGroup,nowpartofOmdia,surveyed364ITandcybersecurityprofessionalsinNorthAmerica(USandCanada)responsibleforevaluating,purchasing,andsupportingendpointmanagementand/orsecuritytechnologies.Thisstudysoughtto:©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contents2Assess

thestateofendpointmanagementandsecurity

aswellasthechallengesandprioritiesthatdrivedecision-making.Comparetheresultsofthisresearchtosimilarresearchfrom

2022,and

reveal

trends

in

the

convergence

of

IT

and

securityteams,devicesinuse,andexperiencedsecurityevents.Understand

theshifting

trendsinbuying

teamsas

convergencetakesholdaswellasfuturepriorities

andlikelyspendingintentions.Highlightemergingtrends,threats,andsolutionsbrought

aboutbyanevolvingmarketthatisincreasinglycontending

withthebenefitsanddangersofAI.MostUnmanagedDevicesAre

NotUnmanagedbyChoicePAGE

13StrategicInvestmentsin

Technology

andServicesAreKey

toSuccessPAGE23OrganizationsFaceIncreasingDeviceDiversityandManagementComplexityPAGE4©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsManagementandSecurity

ToolSprawlPersistsAmidChanging

Tool

and

TeamConsolidationEffortsPAGE

9TheGrowingRoleofAIinEndpointManagementandSecurityConvergence

3AIandAutonomousEndpointManagementShowOverwhelmingly

PositiveInitialImpactsPAGE20Security

AwarenessandEfficacyAreAffectedbyConsolidationMaturityandSkillGapsPAGE

16KeyFindingsOrganizationsFaceIncreasingDeviceDiversity

andManagementComplexityEndpointManagementandSecurityAreBecomingMoreDifficultMostorganizationsaremanagingthousands—andinmanycases,tensofthousands—ofendpointdevices.Nearlythree-quarters(72%)oforganizationsreporthavingatleast1,000

devicesinplay,spanninglaptops,mobiledevices,andmore.

Thislevelofdevicesprawl,especiallyacrossbothmanagedandunmanagedassets,underpinstheoperationalchallenges

teamsfaceastheytrytomaintainvisibility,enforcepolicies,andrespondtothreatsinrealtime.Compoundingthechallenge,employeesareusingmultipledevicestogettheirwork

done.Infact,93%oforganizationssaythetypicalemployeeusestwoormoreendpointsdaily.Thatincludeslaptops,smartphones,tablets,andotherdevices,allofwhichneedtobe

secured,patched,andmonitored.Thislevelofper-usersprawlputsadditionalpressureonITandsecurityteamsalreadystretchedthinbygrowingdevicecountsandlimitedvisibilityacrossenvironments.Becauseof

this,roughly40%ofrespondentsnotedthatendpointmanagementand/orsecurityarenowmoredifficultcomparedwithtwoyearsago.

Changeindifficultyofendpointmanagementandsecurity.Endpointsecurity

Endpoint

management32%29%35%29%6%13%10%15%9%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

545%27%1

2

3

4

5

More

than

5Averageendpointdevicesperemployee.No

more

difficult

oreasy

today

than

it

wastwo

years

agoMuch

more

difficulttoday

than

it

was

twoyearsagoFewer

than

1,000endpointdevicesSomewhateasiertoday

than

it

was

twoyearsagoMuch

easier

todaythan

it

was

two

yearsagoSomewhat

moredifficult

today

than

itwas

two

years

ago10,000or

more

endpointdevicesTotalendpointdevicesinuse.1,000to9,999

endpointdevices25%21%27%22%22%10%15%8%TheCoreDriversBehindRisingComplexityinEndpointManagementandSecurityCanBeSummedUpin

TwoWords:MoreandLessOrganizationsaredealingwithmorethreats,morefrequentOSandapplicationupdates,moredevices(bothmanagedandunmanaged),andmoreremoteorhybridworkers.Thegrowingdiversityofoperatingsystems,applications,anduserneedsonlyaddstothechallengeofmanagingandsecuringtheseworkspaces.Ifthere’sathemearoundwhatorganizationshavelessofwhenitcomestomanagingandsecuringdevices,itincludestime,expertise,andvisibility.Respondentspointtoalackofskilledstaff,insufficienttraining,andlimitedtimetolearnoroptimizenewtoolsascontributingfactors—highlightingagrowingresourcegapatatimewhendemandscontinuetorise.Topfactorsdrivingincreasedendpointmanagementcomplexity.Shortageofskilledpersonnel

withendpointmanagement

knowledgeorexperience300700.30%Thenumberandfrequencyofapplicationupdatesorpatcheshasincreased260740.26%Employeesuseanassortment

ofdevices,OSes,andapplicationstodotheir

job

320680.32%Increasedaccess

toanduseofbrowser-basedorSaaSapplications260740.26%ThenumberandfrequencyofOSupdates

orpatcheshasincreased

370630.37%Difficulty

providing

secure

accesstothird-partyresources290710.29%Wesupportmoreremoteand/orhybridworkerstoday360640.36%Thenumberofunmanaged

deviceshasincreased260740.26%Thenumberofmanageddeviceshasincreased360640.36%Complexityofregulatorycompliancerequirements280720.28%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

6Employeesuseanassortment

ofdevices,OSes,andapplicationstodotheir

jobs

320680.32%Enduserslacktherightsecuritytraining270730.27%We

support

more

remote

and/or

hybrid

workers

today360640.36%Increasedaccess

toanduseofbrowser-basedorSaaSapplications280720.28%Thethreatlandscapehasgrownmorecomplex400600.40%Thenumberofendpointvulnerabilitieshasincreased310690.31%IncreaseduseofAIbythe

businessorendusers400600.40%Thenumberofunmanageddeviceshasincreased300700.30%Thenumberofmanageddeviceshasincreased360640.36%Complexityofregulatorycompliancerequirements290710.29%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

7Topfactorsdrivingincreasedendpointsecuritycomplexity.SkillGapsandAI

ThreatentoMakeEndpointMattersWorseWhilemanyorganizationsunderstandablystruggletosupportnewtechnologieswithadequatelyknowledgeableandexperiencedstaff,asignificantportionnotedheadcountgapsin

bothnewerareaslikeAI/MLandcloudsecurityandtraditionalendpointmanagement,aswellasautomationandworkflowdevelopmentandIoTdevicemanagement.Perhapsmost

concerningisthatAIisenablingbadactorstotakeadvantageof

theverygapsinskillfromwhichorganizationssufferacrossavarietyofareas,inadditiontoageneralincreaseinboth

thequantityandsophisticationofattacks.This,aswillbeseenlater,hasadirectinfluenceonanorganization’sabilitytomanageandprotectitself,letaloneknowwhetheritisunderattack.46%38%32%31%30%30%AIandmachinelearning

implementation

andoperationsCloudandSaaS

securityModernendpointsecuritytoolsandtechnologiesTraditionalendpointmanagementskillsAutomationandworkflowdevelopmentIoT/OTdevicemanagement41%37%37%35%34%34%IncreasedquantityandsophisticationofphishingandsocialengineeringattacksDevelopingAI-drivenbotsorwormsforautomatedlateral

movementDevelopingmalwareorransomwarethat

is

hardertodetectoranalyzeIncreasingthevolumeofattacksoverallIncreasingthescaleofattacksoverallIncreasingthespeedoragilityofattacksoverall©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

8TopwaysAIisusedbyattackers

targetingend-userdevices.Topskillgapareasforendpointmanagementandsecurity.ManagementandSecurityToolSprawlPersistsAmidChangingTool

andTeamConsolidationEffortsCustomersecurity

requirementsCyberinsurance

requirementsIndustrycompliancerequirementsIoT/OT

requiringspecializedtoolsTools

required

by

immediatecomplianceneedsCloudadoption

requiringadditionaltoolsQuickoremergencydeploymentsthat

becamepermanentsolutionsLegacytools

maintainedalongside

newsolutionsVendor-orpartner-mandatedtoolsSeparatetools

neededfordifferentOS

ordevicetypesRespondingtospecificsecurity

incidents41%37%36%36%35%35%34%33%32%30%30%ToolSprawlIsRealandDrivenbyNumerousFactorsMostorganizationsare

jugglingmultipletoolsforbothendpointmanagementandsecurity,with

the

majority

using

between

five

and15tools

in

each

category.Nearly30%say

they’re

managing16ormoretoolsforendpointsecurityalone.Whilerespondentswereaskedseparatelyabouttheirmanagementandsecuritytools,it’slikelythatsometoolsspanboth

functions.Still,theoveralltakeawayisclear:Teamsaresupportingalargenumberoftools,

whichcanaddfriction,increasecost,andcomplicateintegration.Thefactthat21%report

usingfewerthanfivetoolsforeachcategoryhintsatsomeconsolidation—butformost,there’s

still

a

long

way

to

go.Themostcommonfactorsdrivingsprawlacrossendpointsecurityandmanagement

toolsincluderequirementsspanningcustomersecurity,cyberinsurance,andindustry

compliance,aswellasspecializedtoolsforIoT/OT.Numberofendpointmanagementandsecurity

toolsdeployed.

EndpointmanagementEndpointsecurity37%29%21%

21%

21%

20%18%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

10Fewer

than55to

1011to

1516to20Morethan20Don’t

knowTop

tenfactorscontributing

tomanagementandsecurity

toolsprawl.11%1%1%12%9%ToolConsolidationSeenasaPositiveEightintenorganizationsbelievethatconsolidatingendpointmanagementandsecuritytoolswouldpositivelyimpacttheirabilitytomanageandsecureendpoints,whichisaposition

thatisreinforcedthroughoutthisresearch.Furthermore,50%ofrespondentsbelievethatoverlappingtoolfunctionalitiesnegativelyimpacttheirorganization’sabilitytosecureandmanageendpoints.It’snosurprise,then,toseethattheprimaryapproachtoconsolidationtakenbyorganizationsistoconsolidateendpointmanagementandsecurityvendors,followedbyobservability

andmonitoringtechnologies.Consolidateendpointmanagementand

securityvendorsConsolidateorintegrateobservabilityand

securitymonitoringtechnologiesLeverageAI-drivenautomationfromvendorsConsolidatedesktoporapplicationvirtualizationmanagementteamsandworkflowsEngagewiththird-partyservicesPurchaseordeploy

UEMtechnologiesthat

support

PCs,

Macs,andmobiledevices

Purchaseordeploytoolsthatprovidefunctionality

forbothvulnerabilityand

patch

managementEstablishanendpointassetmanagement

systemasasingle

source

oftruthIntegratedisparatetoolsthroughAPIs48%42%40%39%36%36%35%34%33%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contents

9Consolidatingtoolsusedforendpointmanagementandsecuritywouldpositivelyimpactourabilitytomanageandsecureendpoints. Strongly

agree

Agree40%40%(●Overlappingfunctionalityacross

toolscausesproblemsthat

negativelyimpactendpoint

managementandsecurity. Strongly

agree

Agree17%33%TheGrowingRoleofAIinEndpointManagementandSecurityConvergence

11Actions

taken

tosupportendpointmanagementandsecurityconsolidation.Toolconsolidationandfunctionaloverlapavoidanceare

topofmind.TheGrowingRoleofAIinEndpointManagementandSecurityConvergenceTeamConsolidationEffortsSeem

toHaveStalledThoughtoolconsolidationistopofmind,momentumtowardoverallmanagementandsecurityteamconsolidationhasslowed.Whileit’sstillapriority,drivenbythedesiretoimproveoperational

efficiencyandcoordinationaswellassecurityresponsetimesandeffectiveness,thepercentage

ofrespondentsthatidentifyashavingcompletelyconsolidatedtheirteamsintoonehasfallenfrom55%to43%over

the

past

two

years.Likewise,thereisadrop-offinconsolidationaspirationsamongorganizationsthathavenotyet

completelyintegratedthepersonnelsupportingendpointmanagementandsecurityfunctions.Specifically,thenumberof

theseorganizationsthatanticipatefullycombiningmanagementandsecurity

efforts

under

one

team

has

dropped

from58%in2023to44%in2025.Forthosethathaveconsolidatedorexpectto,mostoftentheresultingteambecomespartofIT

operationsasopposedtosecurityoperations,whichcouldexplainwhysomesaytherewillalways

besomeproceduresthatwillbeownedbyotherteams.12managingendpointYes,toalimitedextent

93

2023

20256%9%58%44%

46%36%10%5%Areorganizationsplanning

toconsolidate

teamsmanagingendpoint

managementandsecurityfunctions?

2023

2025(Team

thatowns

theconsolidatedendpointmanagement

andsecurityfunction.1%

IT

operations

Security

Anew

groupcombining

both

disciplines

Don'tknowYes

Maybe,

but

too

early

to

tell

No,there

will

always

be

processes

andproceduresthatshould

beowned

and

managed

bydifferentendpointteams©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsHaveorganizationsconsolidated

teams

managementandsecurityfunctions?Yes,completely(i.e.,thereisnowoneteamthatownsbothendpointmanagementandsecurity)

2023

202522%60%17%43%55%MostUnmanagedDevicesAre

NotUnmanagedbyChoiceEndpointDeviceManagementIsaMixedBagWithSimilarlyMixedResultsRespondentsindicatedanaverageof68%oftheirorganization’sdevicesarecentrallymanagedbyITorsomethird-partyprovider.

Therealstory,however,isintheunmanageddevices.Typically,unmanageddevicesfallintotwocategories:“strategicallyunmanaged,”

wherebysecurityisensuredviaalternativemeanslikezero-truststrategies,VPNs,browsersecurity,ordesktopvirtualization,and“unintentionallyunmanaged,”

wherebydevicesgounmanagednotbecauseofastrategy,butduetooversight,lackofvisibility,orcapabilitygaps.Theresearchshowsthat59%ofunmanageddevicesbelongtothelattercategory,whichmeans

thatnearlyoneinfivedevicesinagivenorganizationarebothunmanagedandunsecured.

Percentageofunmanageddevices

thatarestrategicallyunmanaged.18%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

1412%10%9%8%6%

6%Percentageof

totaldevices

thatarecentrallymanaged.12%8%7%

4%15%

13%41%to50%41%to50%21%to30%21%to30%61%to70%61%to70%81%to90%81%to90%31%to40%31%to40%51%to60%91%to100%51%to60%91%to100%71%to80%71%to80%11%

to20%11%

to20%10%

orless10%

orless23%14%10%11%3%1%7%Visibility,Access,andComplexity

ToptheListofReasonsDevicesGoUnmanagedWhenaskedaboutwhythesedevicesgounintentionallyunmanaged,organizationsindicatedconcerningtechnicalandvisibilitylimitations,alongwithothercommon

challengesrelatedtocomplexity,moredevices,andresourceconstraints.Giventheoverallconfidenceintheirabilities,thispaintsaparadoxicalpicturethatwouldindicatethatoperationsmaynotbeasrobustastheyseem.Asisillustratedinthe

nextsection,thiscanresultincriticaloversights.Topfactors

thatlead

tounintentionallyunmanageddevices.Complexorlegacysystemsthatresist

standardmanagementapproaches390610.39%Organizationalsilosorunclearownership270730.27%Limitedvisibilityintodeviceexistenceorlocation410590.41%Rapiddeviceproliferationoutpacing

managementcapabilities340660.34%Third-partyorcontractordeviceswithrestrictedaccess390610.39%Insufficienttoolsorcapabilitiesto

manage

thesedevices300700.30%Technicallimitationspreventingmanagement400600.40%Resourceconstraints320680.32%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

15SecurityAwarenessandEfficacyAreAffectedbyConsolidationMaturityandSkillGapsPoorDeviceManagementContinuestoFuelCyberattacks,butFewerAttacksAreReportedAsignificantnumberoforganizationsexperiencecyberattacksduetounknown,unmanaged,orpoorlymanagedendpoints;however,thenumberofrespondentswhoanswered

in

the

affirmative

on

this

is

down

significantly.Specifically,more

than

three-quarters(77%)said

they

had

in2023versus

just

more

than

half(54%)in2025.Howcanthesituationbegettingmoredifficult,withsomanyskillgapsandunintentionallyunmanageddevices,yetweseereducedcyberattacks?Theansweris,forbetter

andworse:awareness.Haveorganizationsexperiencedcyberattacksrelated

tounknown,unmanaged,orpoorlymanageddevices? 2023

2025Yes,several

times

Yes,once

Maybe,

but

we

don’t

have

enough

No

Don't

knowinformationto

knowforsure15%10%8%1%36%34%32%©2025TechTarget,Inc.All

Rights

Reserved.

Back

to

contentsTheGrowingRoleofAIinEndpointManagementandSecurityConvergence

1743%22%0%Awareness(andLack

Thereof)

ContributestoaPerceivedReductioninSecurityEventsWhenlookingatthoseorganizationsthathadreportedcyberattacksthroughthelensofthedegreeofendpointmanagementandsecurity

personnelconsolidationtheyreportedhavingcompleted,itshowsaclearconnectionbetween

consolidationandgreaterawarenessof

thesecurityeventsthathaveoccurred.Inessence,

consolidatedteamsseemoreeventsbecause

theyarebetteratfindingthem,whereasgroups

thatarenotconsolidatedarenotasgoodatidentifyingthoseeventsandaremorelikelyto

saytheyhaven’texperiencedany.Wehavecompletelyconsolidatedtheteamsorindividuals

responsibleforendpointmanagementandendpointsecurity

(i.e.,there

is

nowoneteamthatownsbothendpointmanagement

and

security)Wehaveconsolidatedtheteamsorindividuals

responsibleforendpointmanagementandendpointsecuritytoa

limitedextentWehavenotconsolidatedtheteamsor

individuals

responsibleforendpoint

managementanden