Zero-day attacks are the most serious type of incidents and compromises for companies, according to 71 percent of respondents in a recent survey. DDoS was second, mentioned by 68 percent of respondents.
Most respondents also say the consequences of an exploit of an existing software vulnerability more than 3 months old (53 percent) and of ransomware (51 percent) can be severe.
Companies still struggle to have the necessary resources to minimize IT endpoint risk: only a third agree that they have ample budget and staff. As a consequence, 69 percent of respondents say their IT department cannot keep up with employee demand for greater support and better mobile device connectivity, and 71 percent say their endpoint security policies are difficult to enforce.
Negligent or careless employees who don’t follow security policies are the biggest threat to endpoint security in organizations, according to a survey cited by HOTforSecurity.
How will organizations deal with increased endpoint risk?
- Ninety-five percent of respondents said that their organization will evolve toward a “detect and respond” orientation from one focused on prevention.
- Seventy-seven percent say they have added or plan to add a threat intelligence component to their security stack.
- Another popular trend is the notion of the endpoint as a security sensor, that is, one where state or context data collected at the endpoint is used to determine whether it has been or is being compromised. Fifty-six percent of respondents say their organizations are doing this now or plan to start.
- Also important is the need to develop an offensive security capability (i.e., discover who is behind an attack and then counterattack). Sixty-four percent of respondents are pursuing this now or plan to pursue it in the near future.
- A virtualization technology with an embedded, real-time endpoint sensor is considered a positive investment to improve security posture. Sixty-four percent of respondents say it would have a significant impact or an impact on an organization’s approach to achieving enhanced endpoint security.