Are endpoints the most vulnerable part of the network?
Only 39% of companies have advanced endpoint security protections in place even though 74% consider endpoints to be “most vulnerable” to a cyber-attack, and 76% say the number of endpoints is rising.
In addition, 58% of respondents said traditional anti-virus defenses no longer address advanced targeted threats and only 19% believe they will play a vital role in the future.
A new Promisec survey found that 70% of IT professionals are either “highly’ or “moderately’ concerned about a potential security breach in the next year but only 32% say they are “well prepared’ for a cyber-attack.
74% of respondents consider endpoints, such as desktops, laptops and mobile devices, to be the “most vulnerable” part of the network. Case in point, only 32% of companies said they were able to complete Microsoft patch updates in less than a week even though these updates play a key role eliminating known vulnerabilities. Moreover, 34% said it took up to a month, 19% said it took over a month and 14% “never” achieved full rollout of updates. In spite of these endpoint security challenges, only 30% have a dedicated endpoint security budget.
More than half of respondents said there is a bigger need for SIEM and/or advanced threat detection and correlation systems to have deeper endpoint analytics. The respondents categorized it as “very important’ as endpoints are a common attack point and monitoring these points of entry are vital to identifying an attack and taking steps toward remediation.
A majority of VP and C-Level IT leaders surveyed indicated a heightened fear of a security breach in the coming year and acknowledged a rapidly shifting security landscape, which now includes endpoint security.
- 33% of VP and C-Level IT leaders surveyed said they have advanced endpoint protections in place but 75% indicated they have a need for deeper endpoint analytics to assist in threat detection.
- Nearly 70% of VP and C-Level IT leaders put endpoints at the top of their most vulnerable list.
- An Overwhelming majority of VP and C-Level IT Leaders (83%) say antivirus solutions are not part of their future for protecting against advanced threats.
- An alarming 86% of VP and C-Level IT Leaders have a heightened fear of a breach over the next year.
“The security landscape continues to evolve in response to a new breed of more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as firewall, anti-virus and anti-malware software, are simply no longer enough to keep our networks safe,” said Dan Ross, CEO of Promisec. “Our survey indicates that companies have begun to embrace endpoint security as a critical part of their total security portfolio, but have yet to adopt a robust endpoint monitoring and remediation infrastructure to address today’s most severe threats.”
Companies struggle to keep pace with advanced targeted threats:
- 55% of respondents say they are “not confident” that the security measures they have in place will protect against all scenarios.
- 40% of respondents said that they are only “modestly’ keeping up with BYOD and mobility trends as the number of endpoints increase on their network.
- 45% of respondents said there has been only a “modest increase’ in their companies stepping up its focus on security in response to threats but there are still possible gaps in security.
- 58% said employees are reasonably compliant and use caution but believe they could do a better job establishing and enforcing basic protocols.
- 56% of respondents said that patching, remediation, and compliance are the biggest challenges relative to endpoint security.