Top threats impacting endpoint security decisions

Enterprise Strategy Group surveyed 300 IT and information security professionals from large midmarket and enterprise-class organizations to examine the top threats impacting endpoint security and the role artificial intelligence is playing in corporate cybersecurity strategies.

Which of the following types of threats do you believe to be the most difficult to detect?

Research shows that the majority of businesses across the globe are either currently incorporating or planning to incorporate machine learning in their endpoint defenses. Key findings include:

Machine learning is a leading strategy for endpoint security: Forty-seven percent of respondents have deployed machine learning for endpoint security, with 23 percent currently testing the technology. Thirty-two percent said machine learning is detecting new and unknown malware that evades other endpoint security solutions and 25 percent are deploying the technology to increase productivity.

Ransomware remains top concern: Nearly half (46 percent) of organizations experienced a ransomware attack in the previous twelve months, impacting more than five percent of their endpoints in most cases (56 percent). Of those, 60 percent experienced a recurrence of the same ransomware, but only 12 percent paid the ransom.

Known malware is a problem, but unknown strains are an even bigger concern: Thirty-five percent of respondents indicated that known malware was the most common threat faced in the past two years. Twenty-nine percent ranked unknown malware as the top attack form, with 44 percent naming it as the greatest risk to their organizations’ endpoints.

Cybercriminals top the list of bad actors: Ninety percent of respondents are concerned or extremely concerned with the threat posed by cybercriminals, followed by nation-states (82 percent), hacktivists (79 percent) and insiders (78 percent).

Attacks on endpoints primarily impact productivity and operations: Thirty-two percent of respondents ranked interruptions to standard business operations as the top impact of compromised endpoints, followed by impeding the productivity of knowledge workers (31 percent) and delays to other IT projects (28 percent).

You indicated you plan to adopt, or have interest in adopting, machine learning for endpoint security. Two years from now, how do you expect your organization will ultimately run/operate machine learning technology for endpoint security?

“The threat landscape is constantly changing, but this research shows that just because an attack form is old, doesn’t mean it won’t remain effective,” said Doug Cahill, Senior Analyst at Enterprise Strategy Group. “There is one reason phishing attacks are of extreme concern to 47 percent of businesses: they work. While new threats and zero-days will continue to keep security teams up at night, it will be a mixture of the old and new attack forms that keep them busy.”