> **来源:[研报客](https://pc.yanbaoke.cn)** # Summary of "The Growing Role of AI in Endpoint Management and Security Convergence" ## Core Content This document explores the evolving challenges and strategies in endpoint management and security, emphasizing the increasing complexity driven by remote work, device sprawl, and the integration of AI and automation. It presents findings from a survey of 364 IT and cybersecurity professionals in North America, highlighting the current state of device management, tool sprawl, skill gaps, and the role of AI in both offensive and defensive strategies. ## Main Points ### Increasing Complexity in Endpoint Management and Security - **Device Diversity and Management Challenges**: Organizations are managing thousands of endpoint devices, with 72% having at least 1,000 devices. The average number of devices per employee is 2–3, and 93% of employees use two or more endpoints daily. - **Unmanaged Devices**: Most unmanaged devices are not unmanaged by choice but due to oversight, lack of visibility, or capability gaps. Only 41% of unmanaged devices are strategically unmanaged, while the rest are unintentionally unmanaged. - **Operational Challenges**: The complexity of managing and securing endpoints has increased, with 40% of respondents noting that it is now more difficult compared to two years ago. ### Key Drivers of Complexity - **More Threats and Less Visibility**: The threat landscape has grown more complex, and organizations have less time, expertise, and visibility to manage and secure endpoints. - **Top Factors**: - Increased number of endpoint vulnerabilities - More remote/hybrid workers - Increased use of AI by attackers - Complexity of regulatory compliance - Increased use of browser-based or SaaS applications ### Skill Gaps - **Critical Skill Shortages**: AI/ML, cloud and SaaS security, and modern endpoint security tools are areas with significant skill gaps. - **AI as a Double-Edged Sword**: AI is enabling attackers to launch more sophisticated and faster attacks, including AI-driven phishing, bots, and malware. ### Tool Sprawl and Consolidation - **Tool Sprawl Persists**: Organizations use an average of 5–15 tools for endpoint management and security, with 29% using 16 or more for security alone. - **Consolidation as a Priority**: 80% of organizations believe consolidating endpoint management and security tools would improve their ability to manage and secure endpoints. - **Functional Overlap**: 50% of respondents believe overlapping tool functionalities negatively impact their ability to secure and manage endpoints. - **Consolidation Approaches**: The most common consolidation actions include: - Consolidating vendors - Integrating observability and security monitoring - Leveraging AI-driven automation - Establishing a single source of truth for asset management ### Team Consolidation Efforts - **Stalled Momentum**: While consolidation is a priority, the percentage of organizations that have fully consolidated teams has dropped from 55% in 2023 to 43% in 2025. - **Limited Consolidation**: 39% of organizations have consolidated to a limited extent. - **Team Ownership**: Most consolidated teams are part of IT operations rather than security operations, which may explain why some processes remain under separate teams. ### Impact of Consolidation on Awareness and Efficacy - **Awareness and Detection**: Consolidated teams are more likely to detect and respond to security events, indicating improved awareness and efficacy. - **Cyberattack Reduction**: Despite increased complexity, fewer organizations report experiencing cyberattacks due to unmanaged or poorly managed endpoints, suggesting improved awareness and practices. ### Role of AI in Endpoint Management - **Autonomous Endpoint Management (AEM)**: AEM is gaining interest, with 85% of respondents expecting to increase spending on it in the next 12–24 months. - **Early Benefits**: Organizations report or expect benefits such as reduced manual workload, improved integration, faster threat detection, and better scalability and efficiency. - **AI-Driven Insights**: AI is helping with proactive risk identification, predictive maintenance, and data-driven recommendations for endpoint health and security. ### Strategic Investments - **Spending Intentions**: 85% of respondents expect to increase spending on endpoint management and security, with a third anticipating significant increases. - **Investment Focus**: Organizations are investing in: - Team and tool consolidation - Unified policies and enforcement - Better collaboration between IT and security teams - Regulatory compliance and zero-trust frameworks - AI and automation for workflow and security processes ## Key Information - **Device Sprawl**: Organizations are managing large numbers of endpoints, leading to increased complexity and challenges in security and management. - **Unmanaged Devices**: A significant portion of unmanaged devices are unintentionally unmanaged, contributing to security risks. - **AI and Automation**: AI is both a tool for defenders and a threat for attackers, with clear benefits and risks in endpoint management and security. - **Consolidation**: Tool and team consolidation is seen as a positive move, though progress has slowed. - **Investment Trends**: There is a clear trend toward increased investment in endpoint management and security technologies, especially those involving AI and automation, to address growing challenges and improve operational efficiency.