> **来源:[研报客](https://pc.yanbaoke.cn)** # Summary of "The Growing Role of AI in Endpoint Management and Security Convergence" ## Core Content This report explores the evolving landscape of endpoint management and security in the context of increasing complexity, driven by factors such as remote work, device and OS sprawl, and the rise of AI. It highlights the challenges organizations face in managing and securing endpoints, the role of AI in both offensive and defensive strategies, and the ongoing efforts to consolidate tools and teams. ## Main Findings ### Organizations Face Increasing Device Diversity and Management Complexity - **Device Sprawl**: Most organizations manage thousands of endpoints, with 72% having at least 1,000 devices. - **Per-User Device Usage**: 93% of organizations report that the average employee uses two or more endpoints daily. - **Difficulty Increase**: 40% of respondents note that endpoint management and security are now more difficult than they were two years ago. - **Tool Deployment**: The average number of endpoint management and security tools deployed is around 10, with 27% using 10,000 or more devices. ### Top Factors Driving Complexity - **More Threats and Attacks**: The threat landscape has grown more complex. - **More Devices and OSes**: Increased device diversity and OS sprawl. - **More Remote/Hybrid Workers**: Growing number of remote and hybrid workers. - **More Vulnerabilities**: The number of endpoint vulnerabilities has increased. - **Less Time, Expertise, and Visibility**: Organizations are struggling with limited time, expertise, and visibility. ### Skill Gaps and AI Threats - **Skill Gaps**: AI and machine learning implementation, cloud and SaaS security, and traditional endpoint management skills are the top areas of concern. - **AI in Cyberattacks**: Attackers are using AI to enhance phishing, social engineering, and malware attacks, making them more sophisticated and harder to detect. ### Tool Sprawl and Consolidation Efforts - **Tool Sprawl**: Organizations are using an average of 10-15 tools for endpoint management and security. - **Consolidation**: 80% of organizations believe that consolidating tools would positively impact their ability to manage and secure endpoints. - **Functional Overlap**: 50% of respondents believe overlapping functionalities negatively impact endpoint security and management. - **Consolidation Approaches**: The primary methods include consolidating vendors, integrating observability and monitoring, and leveraging AI-driven automation. ### Team Consolidation - **Consolidation Trends**: The percentage of organizations that have fully consolidated their endpoint management and security teams has dropped from 55% in 2023 to 43% in 2025. - **Team Ownership**: Most consolidated teams are part of IT operations rather than security operations. - **Consolidation Aspirations**: Only 44% of organizations expect to fully combine management and security efforts under one team, down from 58% in 2023. ### Unmanaged Devices - **Unmanaged Devices**: 59% of unmanaged devices are unintentionally unmanaged due to oversight, lack of visibility, or capability gaps. - **Management Coverage**: On average, 68% of devices are centrally managed, with 59% of unmanaged devices being unsecured. - **Reasons for Unmanagement**: Issues include misconfigured systems, outdated patches, access control problems, and unknown assets. ### Security Awareness and Efficacy - **Awareness Impact**: Consolidated teams report higher awareness of security events, while non-consolidated teams are less likely to detect attacks. - **Security Issues**: Common issues include misconfigured systems, outdated patches, and access control problems, which were previously unknown but now discovered through monitoring. ### AI and Autonomous Endpoint Management (AEM) - **Interest in AEM**: 85% of respondents expect to increase spending on AEM over the next 12–24 months. - **Early Benefits**: Organizations see benefits such as reduced manual workload, better integration, and faster threat detection. - **Expected Outcomes**: AEM is expected to improve operational resilience, reduce incidents, and provide predictive insights. ### Strategic Investments - **Spending Intentions**: 85% of respondents expect to increase spending on endpoint management and security over the next 18–24 months. - **Investment Focus**: Investments are directed towards team and tool consolidation, policy standardization, automation, and compliance. - **Top Actions**: Organizations will focus on consolidating teams, implementing unified tools, and improving collaboration across IT and security functions. ## Key Takeaways - **Device Sprawl**: The complexity of endpoint management is growing due to increased device diversity and the number of endpoints per user. - **Skill Gaps**: Organizations face significant challenges in acquiring and retaining skilled personnel, especially in AI and cloud security. - **Tool Consolidation**: Despite efforts, tool sprawl persists, and consolidation is seen as a critical step toward better security and management. - **Unmanaged Devices**: A significant portion of unmanaged devices are not unmanaged by choice, indicating a lack of oversight and visibility. - **AI Impact**: AI is both a tool for defenders and a weapon for attackers, increasing the sophistication of threats. - **AEM Adoption**: There is strong interest in autonomous endpoint management, with expected benefits in efficiency, security, and scalability. - **Investment Trends**: Strategic investments in technology and services are expected to continue, focusing on consolidation, automation, and compliance.