Survey: Endpoint Security Concerns 2014
The issues keeping IT admins awake into the New Year
Intro
2014 has created uncertainty for those in charge of IT security. Not only is the threat landscape advancing at a fast
pace, leaving traditional antivirus behind, but high-profile breaches have put data security firmly on the map in the
boardroom. Previously, this would have been a problem resolved by deploying a single vendor who promised a
catch-all solution. However, in today’s world of advanced malware, zero-day exploits and endless data breaches,
what’s on the minds of those tasked with IT security?
Overview
The research interviewed 685 IT decision makers at businesses in a range of sectors. To reflect the non-discriminatory
nature of threats, companies of all sizes were surveyed [1].
The objectives of the research were:
1. To understand the prevalence and impact of different types of online attack or threat.
2. Rank the biggest challenges faced by security professionals.
3. Determine the percentage of firms that employ multiple AV and anti-malware solutions and identify the top reasons for doing so.
4. Rank the top selection criteria for endpoint security solutions.
[1] See appendix for outline methodology details.
Contents
Attacks are commonplace
Severity
2015, the year of the vulnerability?
The real world impact
Layered endpoint security enhancing failing AV
Conclusions
Attacks are commonplace
The results showed a high number of businesses had experienced an online attack
or threat in the last year. 82% of all organizations questioned had faced at least one.
This means that, of the sample base of 685, only 124 had made it through the year without one.
The figures also showed a trend for businesses experiencing multiple infections,
threats and attacks, with the average company being subjected to three types of
attack in total. Some organizations were the target of as many as eight types of
attack in the last 12 months alone.
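Figure: Number of types of infections, threats, and attacks experienced in the last 12 months by companies with 50+ employees (% of companies)

| Number of types | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 |
|---|---|---|---|---|---|---|---|---|---|
| Companies | 18% | 16% | 20% | 21% | 13% | 6% | 2% | 2% | 2% |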
Severity
Despite its relatively low frequency of attack by comparison with other threats, the data
clearly showed that where ransomware was present, the impact was very severe. This
potentially speaks to the real-world drain on IT teams struggling to decrypt, recover, or
suffer the consequences of data loss.
Given their sophistication and highly tailored nature, the targeted APT threat also
scored highly in terms of severity of impact, again out of proportion with the numbers
of companies experiencing such an attack. This speaks of a low volume, yet highly
impactful attack. Conversely, despite having a high incidence of penetration, the burden
of infection from Potentially Unwanted Programs, such as adware and toolbars, on IT
teams was relatively low.
How severe were they?
In the past 12 months, did your company experience the following infections, threats or attacks?

| Infection, threat or attack | Total (N=685) | Low Severity | Medium Severity | High Severity |
|---|---|---|---|---|
| Ransomware | 15% | 23% | 39% | 38% |
| Advanced Persistent Threat (APT, a targeted attack aimed at your organization) | 17% | 28% | 35% | 37% |
| DoS or DDoS | 16% | 25% | 51% | 24% |
| File infector virus | 40% | 36% | 41% | 23% |
| Hacking or network intrusion | 29% | 31% | 46% | 23% |
| Drive-by download | 19% | 40% | 40% | 20% |
| Malware (viruses, worms, spyware and other malicious programs) | 67% | 40% | 42% | 18% |
| Potentially Unwanted Program (PUP) | 42% | 42% | 38% | 13% |
Which of the following make endpoint security difficult for your organization? (by total number of endpoints)

| Challenge | 1-99 | 100-999 | 1000+ | Total |
|---|---|---|---|---|
| Browser vulnerabilities | 70% | 73% | 76% | 72% |
| Mobile device vulnerabilities | 54% | 65% | 68% | 62% |
| Advanced Persistent Threats | 55% | 57% | 69% | 59% |
| Cleaning infected endpoints | 54% | 60% | 56% | 57% |
| OS security bypasses | 51% | 54% | 59% | 55% |
| Zero-day malware | 44% | 57% | 57% | 53% |
| None of the above | 0% | 3% | 3% | 2% |
2015, the year of the vulnerability?
As we move into 2015, the data identified that browser vulnerabilities are making
endpoint security most challenging. Flaws in popular browsers such as Internet Explorer,
which can be exploited as part of advanced attacks, were identified as the threat which
is currently making endpoint security most difficult for organizations, indexing 10 points
higher than the next nearest answer and 13 points higher than the worry from APTs.
The growth in awareness around this issue could be linked to the increasing number of updates
for browser vulnerabilities, with more in 2014 than in previous years [2]. This could also be tied to the
increasingly popular use of vulnerabilities as a part of the advanced attack chain, or the growing
use of exploit kits. In response to this threat, 94% of all businesses questioned said they would
find a purpose-built exploit mitigation tool valuable in some form. This was especially true in
organizations which have to manage more than 1000 endpoints. The most valuable feature of such
a tool, according to those questioned, was that it should be compatible with existing antivirus
and anti-malware products, highlighting a desire to operate it in tandem on the endpoint.

Figure: How valuable would an exploit mitigation tool be?

| Not at all valuable | Slightly valuable | Somewhat valuable | Very valuable | Extremely valuable |
|---|---|---|---|---|
| 0% | 5% | 28% | 42% | 24% |

[2] ‘Why are there more browser vulnerabilities these days?’ – Larry Seltzer, ZDNet, Nov 11, 2014
The real world impact
The impact of enterprise threats is still not gauged by in-house teams in terms of the
data being stolen or intellectual property compromised. Rather, the data shows that
it is largely in the resource outlaid directly resolving and remediating the threat. This
is evidenced by the fact that the most common impact cited by IT leaders suffering
from attack is the increased help-desk workload it generates. This front-line thinking
carries into the fact that the next largest effect is seen to be with the reduction in
productivity suffered by the impacted employee.
What impact did the threats or attacks have on your organization? (by total number of endpoints)

| Impact | 1-99 | 100-999 | 1000+ | Total |
|---|---|---|---|---|
| Increased help-desk time | 12% | 25% | 40% | 24% |
| Reduced employee productivity | 13% | 31% | 37% | 20% |
| Difficult to remediate | 18% | 37% | 32% | 13% |
| Customer data lost or compromised | 50% | 22% | 19% | 9% |
| Intellectual property lost or compromised | 49% | 24% | 19% | 8% |
| Negative effect on reputation or sales | 51% | 25% | 18% | 6% |
Traditional antivirus typically tends to struggle to remove today’s advanced malware.
In response, those surveyed said they normally either undertake the lengthy process
of quarantining the machine and reimaging, or contact the vendor of the failed
endpoint solution for advice.
Figure: What actions do you take when a threat is not removed by your AV or anti-malware?

| Action | Respondents |
|---|---|
| Quarantine the machine and reimage | 48% |
| Contact our endpoint security vendor for help | 47% |
| Look for a solution online | 39% |
| Use a free malware removal tool | 34% |
| Use a purchased malware removal tool | 28% |
Layered endpoint security enhancing failing AV
84% of all of those questioned agreed that advanced malware has made traditional
endpoint antivirus less effective and the majority, 80%, plan to purchase an endpoint
security solution in the next 12 months.
| Statement | Strongly Disagree | Somewhat Disagree | Slightly Disagree | Slightly Agree | Somewhat Agree | Strongly Agree |
|---|---|---|---|---|---|---|
| Traditional AV has become much less effective at countering the latest malware. | 2% | 5% | 9% | 20% | 37% | 27% |
| Having two or more endpoint anti-malware products provides better protection. | 4% | 8% | 10% | 21% | 32% | 25% |
| The weakest security link is the endpoint. | 3% | 6% | 10% | 23% | 36% | 21% |
Awareness of the fading efficacy of traditional AV is accompanied by a move towards
layered endpoint solutions. Of those questioned, 78% said they were looking to
have more than one endpoint security solution in place by the end of 2015. Adding
an additional layer in this way augments front-line threat protection, with the
majority of respondents admitting that “a single endpoint security program can’t
catch all malware.”
Figure: More Than One Endpoint Security Solution

| Status | Respondents |
|---|---|
| Currently deployed | 52% |
| Plan to implement in 2014 | 5% |
| Plan to implement in 2015 | 21% |
| Plan to implement in 2016 or later | 5% |
| No plans to implement or don’t know | 17% |
Conclusions
1. Attacks are now commonplace, irrespective of company size and vertical sector.
2. Ransomware is emerging as an enterprise threat which, when it occurs, can be severely impactful.
3. IT leaders are worried by the emerging threat from browser vulnerabilities.
4. Respondents see the largest impact from attack as the post-incident clean-up and decreased effectiveness of the affected employees.
5. IT leaders agree that advanced threats have made traditional antivirus less effective, and are adopting layered endpoint security in response.
Appendix
• Blind online survey designed by independent research firm Lawless Research using Qualtrics survey software
• 685 endpoint security purchase decision-makers from Research Now online panel in US companies with 50 or more employees:
  - 50 to 99: 121
  - 100 to 999: 343
  - 1,000+: 221
