The overwhelming majority of information security professionals believe end users are their biggest security headache, largely due to their tendency to click on suspicious and malicious e-mails and URLs, according to Bromium.
“When you have more than 70 percent of breaches begin at the endpoint and nearly 80 percent of information security professionals stating that users are their biggest security headache, it becomes overwhelmingly apparent that traditional endpoint protection is a spectacular failure,” said Simon Crosby, CTO, Bromium. “We are witnessing the start of a new era of proactive protection, now that the majority of information security professionals have lost confidence in detection-based solutions, such as anti-virus.”
More than 63 percent of respondents believe that clicking on malicious Internet content by end users introduces the most security risk (43 percent URLs/20 percent e-mails).
Manual and reactive processes, such as investigating security alerts and the detection and remediation of compromised endpoints each account for 20 percent of the responses. Additional results found that only 15 percent of organizations are able to respond to 90 percent or more of their security alerts, which represents an alarming security gap.
When asked to rate their confidence in a variety of information security solutions, only 31 percent responded that they were confident in antivirus and only 37 percent responded that they were confident in next-generation firewalls.
Even as the information security market has grown to $70B, the magnitude and frequency of data breaches has been increasing. Information security professionals are drowning in the rising tide of security alerts generated by end users connecting to untrusted networks in coffee shops or clicking on suspicious content, but as attacks outpace defense, the traditional models of information security are broken.