Organizations have been dealing with the growing threat of successful cyber-security breaches due to ever expanding endpoint device security issues. These issues arise as traditional anti-virus software is not sufficient for handling the new style of cyber-attacks. This article published by the Ponemon Institute showcases their findings as they surveyed 665 IT security professionals who are responsible for managing and reducing the security risks of their organizations.
The article focuses on four key areas:
- Key Findings
The introduction provides an overview on how cyber-attacks are evolving and making it more difficult and costlier for organizations to secure their endpoint devices. A survey was conducted of 665 IT security professionals who manage and reduce security risks. The findings of the survey indicate that there is currently a major shift in endpoint device security, as a majority of the organizations are replacing or augmenting their current security systems in order to combat “fileless” attacks, although some remain skeptical that these attacks can be stopped.
There are some interesting perceptions of endpoint device security risks. For example, 69% of respondents state that endpoint device security risks have increased in their organizations, with 68% responding that new threats have increased as well. However, despite the awareness of these threats only 36% believe they have the necessary resources to reduce endpoint device security risks and another 31% believe their traditional anti-virus software provides the necessary protection to stop the cyber-attack from being effective. A significant number (45%) of respondents also state that the biggest concern with their current security system is the number of false positives it provides, making it more difficult on employees.
So called “fileless” attack techniques are on the rise and the traditional endpoint device security systems are not stopping them. These attacks don’t rely on installing malicious files that can be scanned or blocked by anti-virus software. Instead, they leverage exploits designed to run malicious codes or launch scripts from memory, without leaving any evidence behind. These attacks are rising while file attacks continue to decline as fileless attacks are expected to reach 35% and file-based attacks are expected to drop to 65%. Over the last 12 months 77% of respondents stated they believed fileless attacks compromised their organization compared to the 23% that believe file attacks were responsible.
The success of fileless attacks have led many organizations to rethink their security systems. As a result, many respondents state their organizations are investing in new technology. Although new technologies are being added, all cyber-attacks cannot be stopped and on average organizations are effective in stopping 54% of attacks on their endpoint devices, based on responses. According to the survey, 83% of respondent’s organizations either replaced, augmented, or added additional layers of security to their endpoint device security systems while 17% made no change to their security and do not intend to make any changes to their endpoint device security strategy. Ransomware attacks are still a topic for concern for organizations as 43% have experienced ransomware attacks in the past 12 months. Almost two-thirds (65%) of respondents claim that on average the ransom paid for these attacks was about $3,675.
Endpoint device security is continuing to become more difficult and costlier to manage. While it is failing to stop cyber-attacks endpoint device solutions are also causing strain on staff, resources, and overall productivity. According to respondents, their organizations have an average of seven different software agents installed on their endpoint devices to enable IT management and security, making endpoint device management time consuming. Almost three-quarters (73%) of respondents state it has become more difficult for their organization to effectively manage endpoint risks. Over half (53%) of respondents state that their solutions are not providing adequate protection against the newest attacks. The average total cost of a successful attack is over 5 million dollars. The three most costly consequences of successful attacks are IT and end-user productivity loss, system downtime, and theft of information assets according to the respondents.
The current endpoint device security solutions that organizations are deploying are ineffective at stopping the new and evolving cyber-attacks. This leads to the implementation and management of these risks causing a major strain on employees and other resources of the organization. As a result, many organizations are moving on from their traditional endpoint device security solutions with a majority choosing to replace or supplement them with solutions that do not truly address their gaps in protection issues. With the average cost of a successful attack totaling over 5 million dollars it is not feasible to wait until an attack occurs to address endpoint device security issues.
In summary, organizations are facing many issues with endpoint device security risks as new forms of cyber-attacks continue to develop and evolve. Due to these new developments, the Ponemon Institute conducted a survey of IT security professionals tasked with managing and reducing endpoint device security risks. The survey results reveal that endpoint device security risks were increasing for organizations and that the solutions in place were not adequate in solving these issues. As a result, a majority of organizations looked to replace or supplement their endpoint device security solutions, although these did not entirely close the gap in protection. While these cyber-attacks continue to evolve with the times, organizations continue to look for the correct solutions for endpoint device security risks as they would like to avoid the costly successful attacks.
Read ERM articles as soon as we post them
Keep up-to-date with current developments in ERM. Subscribe to the ERM Newsletter.