Exclusive interview with IGEL's Jason Mafera. Why endpoint security is still the weakest link in cyber defense


Endpoint security is often overlooked, costing companies millions in revenue when recovering from a cyberattack. By creating an endpoint environment that can self-heal, enterprises can maintain operations even when primary systems are compromised.

Recent cyberattacks on the Co-op Group, Marks & Spencer, and Jaguar Land Rover have resulted in a combined impact of over £2.2 billion in direct losses and disruption across these UK businesses.

Many highlighted that the common denominator was that the three companies had outsourced key IT and cybersecurity services to TCS, also known as Tata Consultancy Services. But the majority of media reports failed to address another critically under-discussed problem – the lack of endpoint protection.

Cybersecurity focuses on protecting company data, monitoring networks, and keeping cloud services up to date and patched. But what happens when the endpoints fail? When thousands of laptops, tills, and embedded devices go dark, every other layer of security suddenly becomes irrelevant.

The overlooked foundation of continuity

James Millington, vice president of product marketing and industry solutions at IGEL, has spent years highlighting this gap. Speaking at Now and Next in Frankfurt, he described how most enterprises can recite their disaster recovery procedures for data centers in fine detail, but fall silent when asked about endpoints.

"When we talk about recovery," he said, "most organizations tell me they have a few spare laptops in a cupboard somewhere. One client reported having twenty devices for five thousand employees. Their backup plan was to send someone to Currys or Best Buy to buy whatever was in stock."

The logistics alone make that approach impossible. The time needed to rebuild a single machine is around two and a half hours. Multiply that across five thousand devices, and recovery can stretch into weeks or even months.

During this period, employees are locked out, customers are frustrated, and productivity suffers a massive decline. The entire enterprise effectively stalls while waiting for hardware to catch up.

Millington points out that this problem is not isolated.

"We speak to analysts all the time, and they all tell me the same thing," he explained.

"Everyone assumes someone else is solving endpoint recovery. When we show them our data, the reaction is usually that there is nothing else like it on the market."

A new perspective on recovery

IGEL's Business Continuity and Disaster Recovery (BCDR) platform was built precisely for these moments. Instead of treating endpoints as disposable, IGEL's approach turns them into recoverable assets.

"We created a technology called Dual Boot," Millington said.

"It lets you deploy IGEL OS alongside Windows. If Windows gets hit by ransomware or fails, the user can reboot into IGEL OS and keep working. Access to Office 365 and Teams can be restored in minutes while IT handles forensics in the background."

The concept of coexistence between operating systems may seem simple, but it alters the economics of resilience. It means the endpoint is no longer the weakest link. In fact, it becomes the fastest route to recovery. By designing an endpoint environment that can self-heal, enterprises can maintain operations even when primary systems are compromised.

Millington shared a story with me about a large insurer that admitted it had no plan in place. Their entire continuity strategy was to over-order laptops by five percent. But once they calculated the rebuild time for every device, they realized it was unworkable.

Healthcare's zero-tolerance example

Few industries feel the impact of downtime more sharply than healthcare. Hospitals operate on the principle that every second counts. For clinicians, system access is a matter of safety rather than convenience.

Jason Mafera, IGEL's Chief Technology Officer for Healthcare, described what happens when endpoints go down in hospitals.

"Continuity of care means you cannot have systems offline," he said.

"If a clinician loses access to their workstation, patient safety is immediately at risk. It's not acceptable to have downtime because it directly affects patient outcomes."

Healthcare systems typically invest heavily in data resilience. Databases are mirrored. Network traffic is segmented. Yet Mafera explained that the endpoint layer remains a blind spot.

"When we talk to IT teams, they realise they've planned for infrastructure and data recovery but not for endpoints. The most time-consuming part of any recovery is the device itself. Hospitals have more endpoints than clinicians, and when those go down, all the backups in the world don't matter."

His examples extend far beyond medical facilities. Every business, from supermarkets to banks, relies on physical endpoints to connect users to services.

In retail, tills and handheld scanners form the backbone of customer interaction. In factories, operator consoles manage production. In finance, secure laptops and desktops are essential to trading and compliance. When these endpoints fail, operations grind to a halt regardless of how robust the cloud or data layer may be.

The cost of rebuilding versus the value of prevention

A single phishing email infects multiple devices. The malware spreads quietly, encrypting files before triggering a coordinated shutdown. Restoring the infrastructure is straightforward. Restoring the endpoints is not.

The Unlocking Endpoint ROI study, announced by CEO Klaus Oestermann in Frankfurt, analyzed over 140 enterprises across various industries, including healthcare, finance, government, manufacturing, and retail. The findings are clear. Organizations that adopted secure-by-design endpoints reduced IT costs by an average of sixty-two percent. Many reported annual savings exceeding $900,000.

The study found additional benefits beyond cost reduction. Simplified management, improved user experience, and measurable increases in resilience all followed from the same design philosophy. In short, by modernizing the endpoint, companies not only cut costs but also create new capacity for innovation and investment in Zero Trust programs.

He believes enterprises have spent decades perfecting the wrong response model. “The old model is monitor, detect, mitigate, remediate,” he explained. “Everyone accepts that things will go wrong, and then builds teams to clean up afterwards. Instead of that, we should spend more time preventing incidents from happening in the first place.” His answer is the company’s preventative security framework, designed to stop attacks before they start and restore systems instantly if they occur.

How prevention works in practice

Mafera explained that a prevention-first architecture begins with security built into the operating system rather than added after deployment, and that it consists of three layers of protection.

The first layer is IGEL OS itself, which eliminates many of the vulnerabilities present in traditional Windows environments. The second layer is Dual Boot, which allows Windows and IGEL OS to coexist, so if one fails, the other remains operational. Finally, the USB boot device can recover a system even if its hard drive is corrupted.

The endpoint is no longer just a cost center; it is a strategic asset. It is a source of measurable business value. By reducing complexity and automating recovery, organizations free up resources that can be allocated to fund innovation elsewhere.

Millington echoed that sentiment during our interview. "For years, endpoint security was seen as an expense. What if it's actually your fastest way to fund innovation? When you remove complexity and recover endpoints in minutes instead of weeks, you're not just avoiding loss; you're also improving efficiency. You're creating a budget for growth."

Endpoint resilience also requires cooperation between security, infrastructure, and operations teams. It demands precise planning, routine testing, and shared accountability. As Mafera put it, "You can have the best data recovery plans in the world, but if the devices clinicians use are locked down, it doesn't matter. The endpoint is the last mile of continuity."

The last-mile thinking applies equally to banks, factories, and retailers. Endpoints are where people meet technology. They are the touchpoints of productivity. Protecting them protects everything that follows.

A new view of the endpoint

The next phase of cybersecurity will demand equal attention to every layer of the stack. Cloud protection, network segmentation, and data governance will continue to be vital. Yet the endpoint will define whether an enterprise survives disruption or succumbs to it.

As Oestermann said in Frankfurt, "We are entering an era where the endpoint is an advantage, not a weakness. When you secure the place where work actually happens, everything else becomes stronger."

Every enterprise now faces a choice. Continue treating endpoints as afterthoughts, or recognise them as the foundation of resilience and the fastest path to innovation.

The next major attack will not wait for new laptops to arrive. The question is whether those laptops can recover themselves before the business behind them grinds to a halt.

