The radical shift in the scale and economics of cybercrime calls for an equally radical change in how IT protects user systems. Whether it is from phishing attempts, drive-by-downloads, or malware-free intrusion techniques, endpoints are usually at the spear tip of assaults on enterprise networks.