Ensuring endpoint security has always been a key challenge for enterprises.\n\nBut whereas it was once enough to install antivirus (AV) software across a network and expect a reasonable level of endpoint protection, this is no longer the case.\n\nWith the proliferation of bring your own device policies in the workplace and the wide variety of smart devices available to end users, not to mention the growth of IoT, there are more endpoints than ever, and endpoint security has never been more under threat.\n\nVarious studies put the number of security breaches originating at endpoints between 70 and 95 per cent.\n\nThis does not necessarily imply insider threat, even though this is a big issue, it could also suggest phishing attacks are still successful.\n\nIndeed, the 2017 Verizon Data Breach Investigations Report said that despite many warnings about the dangers of opening unknown emails and efforts to increase awareness through employee training, phishing scams continue to thrive. \n\nAccording to the DBIR, 95 percent of phishing attacks that resulted in a breach were followed by a software installation, depositing malware on a system.\n\nAV and anti-malware software is still a basic necessity, but even the best software can only react to already known threats \u2013 human intervention is needed to ensure new threats are covered.\n\nRegular software updates aren\u2019t enough to deal with the multiple threats facing enterprises today \u2013 cyberattacks are evolving quickly and enterprises have to play catch up to protect their end users and their valuable data.\n\nEven teams of human security analysts could not hope to sift through all the data provided by an enterprise\u2019s AV and anti-malware software, and most enterprises will only have a small number of individuals devoted to cybersecurity anyway.\n\nThere have also been a number of trust issues around AV, with the recent controversy over software made by Russia-based Kaspersky Labs a prominent example.\n\nDespite being one of the largest antivirus providers in the world, Kaspersky\u2019s software was banned for use in U.S. Government departments last September after the Department of Homeland Security alleged it could enable Russian espionage and threaten national security.\n\nAlthough no solution is going to entirely protect all endpoints against all cyber threats, one option is to use artificial intelligence (AI) algorithms and machine learning.\n\nMachine learning, which enables systems to learn from data without specific programming, could be used to gather and analyze data and identify threats that could point to enterprise level cyberattacks.\n\nThese threats could then be stopped at the endpoint before they cause any damage.\n\nAI is many times faster than any human security analyst could ever hope to be, calculating literally millions of possibilities every second.\n\nThe best recent example was when machine learning technology was able to detect and protect many systems from last year\u2019s WannaCry ransomware outbreak, which bypassed almost all traditional AV software and other systems.\n\nThe WannaCry attack hit over 200 thousand computers in 150 countries, including NHS computer systems in the U.K., and perfectly illustrates the need for increased and enhanced endpoint security.\n\nThe key to machine learning success currently lies in the cloud. Traditional servers are not large or fast enough to process the data and create the models needed to detect and combat attacks, but by using cloud servers the process is quicker, easier and much more affordable than ever before, bringing it into the reach of more enterprises.\n\nHackers are already using automated systems, machine learning and AI to create new cyber threats. Security experts think the next 12 months will see an acceleration in the adoption of machine learning by hackers as they try to carry out increasingly sophisticated phishing attacks.\n\nHowever, AI antivirus solutions are still relatively thin on the ground. Although a small number of companies do offer machine learning and AI cyber threat solutions for endpoints, such as Cylance, Darktrace and Symantec, this really should become the industry standard.\n\nMicrosoft at least seems to have learned from its experience of WannaCry and is apparently turning to AI to create the next generation of anti-virus software. A recent security update incorporated machine learning from millions of computers running Windows 10, which the corporation says will create an artificial intelligence antivirus that can detect malware.\n\nWhile this is a good start, the wider cybersecurity industry must wake up to the AI imbalance and address it quickly if we are to stay one step ahead of the hackers and avoid more incidents like WannaCry.