While concern for end-user risk persists, confidence is waning in traditional detection-based security solutions, such as antivirus and firewalls. Instead, interest is shifting toward prevention-based security solutions, such as endpoint threat isolation, according to a new Bromium report.
Less confidence in legacy detection solutions – An overwhelming majority of respondents (92 percent) said they have lost confidence in the ability of traditional endpoint protection solutions, such as antivirus and white listing, to detect unknown threats like zero-day attacks. Additionally, 78 percent believe antivirus is not effective against general cyber attacks.
Endpoint threat isolation is most effective – When asked to select from a list of security solutions, information security professionals said they consider endpoint threat isolation the most effective solution at preventing cyber threats (58 percent). Nearly one-third said network-based solutions are effective; 28 percent have faith in intrusion detection/intrusion prevention (IDS/IPS); and 27 percent think network sandboxes are effective.
End users source of greatest risk – Nearly two-thirds of respondents (62 percent) believe that users are one of the greatest sources of security risk. Additionally, more than one-quarter cited emerging cloud and mobile technologies that reduce IT control; 29 percent cited cloud services; and 29 percent said mobile devices among the top sources of risk.
Prevention is the foundation of security – A majority of respondents (58 percent) believe that prevention, such as hardening and isolating systems, is the most foundational aspect of security architecture, compared to 23 percent who cited detection, 16 percent who cited response (investigation/remediation), and 34 percent who said predictive analytics.